Windows Azure:尝试创建凭据时出现身份验证错误
底部更新:
我第一次尝试将测试应用程序上传到 Windows Azure,但在创建凭据时遇到问题。
以下是我要执行的步骤:
我在 Visual Studio 中创建凭据和证书,并将证书上传到 Azure,如下所示:
- 右键单击服务器资源管理器中的 Windows Azure 计算
- 选择添加部署环境
- 右键单击“Windows Azure 订阅”
- 选择管理
- 选择 新建
- 在“Windows Azure 项目管理身份验证”中
- 在“创建或选择现有证书进行身份验证”中,选择“创建”
- 输入证书“Test1”的友好名称,单击“确定”
- 单击“复制完整路径”并浏览到“管理证书”在 Azure 管理门户上
- 单击“添加证书”,单击“浏览”,粘贴复制的路径,单击“打开”,然后单击“确定”创建证书
- 返回 Visual Studio,复制订阅 ID 将
- 凭据命名为“测试信用”
- 单击“确定
”唷...
,这里是位置我遇到了问题......当我单击“确定”时,弹出错误:
“Windows Azure 连接错误” “身份验证失败。请验证您的凭据是否有效或重新下载。 调试信息:n 通过 HTTP 通道传输数据时发生错误(请求被中止:请求被取消。)。 请求已中止:请求已取消。
如果我尝试从 Visual Studio 解决方案进行发布并以与上述类似的方式创建凭据,“Windows Azure 发布登录”屏幕还会启动“Windows Azure项目管理认证”屏幕。按照上述 7-13 的相同步骤,我收到以下连接错误:
“Windows Azure 连接错误” “身份验证失败。请验证您的凭据是否有效或重新下载。 远程服务器返回意外响应:(502) 代理错误(该网站需要客户端证书,但对请求应用 HTTPS 检查时无法提供客户端证书。)。 远程服务器返回错误:(502) 错误网关。
很长的帖子,对此表示歉意......有任何 Azure 专家可以提供帮助吗?
提前致谢!
更新 经过更多挖掘并开始完全理解错误消息后,发现 Forefront TMG 妨碍了操作,并且到 Azure 的隧道传输失败。它不会转发我机器上的证书。只需等待 IT 部门为我解决此问题(希望如此!)
更新 2 IT 部门为我解决这个问题后(他们必须绕过各种 Azure 域/IP 的代理),我遇到了进一步的问题: https://management.core.windows.net/
最后的IP地址有一个美国数据中心,我相信IT必须解锁在我们的防火墙中。完成后,我可以从 Visual Studio 进行部署。欢呼!!
UPDATE at bottom:
I am trying to upload a test app to Windows Azure for the first time and having problems when creating credentials.
These are the steps I'm following:
I create the credentials and certificate in Visual Studio, and upload the certificate to Azure as follows:
- right click Windows Azure Compute in server explorer
- Select Add deployment environment
- right click "Windows Azure Subscriptions"
- Select Manage
- Select New
- In "Windows Azure Project Management Authentication"
- In "Create or select an existing certificate for authentication", select "Create"
- Enter friendly name for cert "Test1", click OK
- Click "Copy the full path" and browse to "Management Certificates" on the Azure Management Portal
- Click "Add Certificate", click browse, paste the the copied path in, click Open, then Ok to create the cert
- Back in Visual Studio, copy in the subscription ID
- Name the credentials "Test creds"
- Click Ok
phew....
and here is where I have the issue..... when I click OK I get an error pop up:
"Windows Azure Connection Error"
"Authentication failed. Verify that your credentials are valid or download them again.
Debug information: n error (The request was aborted: The request was canceled.) occurred while transmitting data over the HTTP channel.
The request was aborted: The request was canceled.
If I try to publish from my Visual Studio solution and create my credentials in a similar fashion to above, the "Windows Azure Publish Sign In" screen also launches the "Windows Azure Project Management Authentication" screen. Following the same steps above 7-13, and I get the following connection error:
"Windows Azure Connection Error"
"Authentication failed. Verify that your credentials are valid or download them again.
The remote server returned an unexpected response: (502) Proxy Error ( The Web site requires a client certificate, but a client certificate cannot be supplied when HTTPS inspection is applied to the request. ).
The remote server returned an error: (502) Bad Gateway.
Long post, apologies for that.... any Azure experts out that can help?
Thanks in advance!
Update
After more digging and starting to fully understand the error messages, it turns out that Forefront TMG is getting in the way and the tunneling out to Azure is failing. It doesn't forward on the certificate that is on my machine. Just waitint for IT to resolve this for me (hopefully!)
Update 2
Once IT sorted that out for me (they had to bypass the proxy for various Azure domain/IPs, I had a a further issue:There was no endpoint listening at https://management.core.windows.net/<Subscription_ID>/services/hostedservices that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. Unable to connect to the remote server No connection could be made because the target machine actively refused it 70.37.71.239:443
The IP address at the end there is a US datacenter I believe and IT had to unblock that in our firewall. Once that was done I could deploy from Visual Studio. Hurrah!!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好吧,我首先要说的是,坚持住!证书管理组件绝对不是 Azure 最直观的部分:)
我建议您尝试手动执行此操作。我的直觉告诉我,你的证书没有正确对齐,虽然手动完成它可能看起来令人畏惧,但它通常最终会变得更简单。
在您进行进一步操作之前,我会阅读此简短概述,然后,执行以下操作...
本文第一部分中创建的 .cer 文件是添加到“管理证书”中的文件。确保给它一个易于识别的名称(稍后会详细介绍)。
然后,将接下来创建的 .pfx 上传到您尝试使用的角色/实例。
此时,您可能还想在本地计算机中手动安装证书(只需右键单击 .cer 文件并选择“安装证书”)。我们处理的关键挑战是确保它最终出现在视觉工作室可以读取的个人商店中,因此您可能需要在它起作用之前尝试一些。通常,“我的”或“个人”商店效果最好。我说的是通常:)
一旦你这样做了,你应该能够返回并简单地选择你刚刚创建的证书。这就是易于识别的名称发挥作用的地方:)
希望这会有所帮助!
Well, I'll start by saying, hang in there! The certs management component is definitely not the most intuitive part of Azure:)
I'm going to recommend that you try doing this manually. My gut is telling me that your certs aren't aligning properly, and while it may look daunting to do it manually, it often ends up being simpler.
I would read this brief overview before you do anything further, then, do the following...
The .cer file created in the first part of the article is the one added to the 'Management Certificates'. Make sure you give it an easily identifiable name (more on this later).
Then, upload the .pfx created next, to that role/instance you're trying to work with.
At this point, you may also want to manually install the certificate in your local machine (just right click the .cer file and select 'Install Certificate'). The key challenge we've dealt with, is making sure it ends up in a personal store that can be read by visual studio, so you may need to try a few before it works. Usually, the 'My' or 'Perosonal' stores work best. I say usually though:)
Once you do this, you should be able to walk back through and simply select the certificate you just created. And here is where the easily identifiable name comes into play:)
Hope this helps!