【发布时间】:2020-05-29 07:32:17
【问题描述】:
我创建了一个包含多个客户端应用程序的 IdentityServer4 项目。我使用自签名证书文件 my_certificate.pfx 来生成登录令牌。它在本地主机上运行良好。
但是,将其用于共享网络托管服务器时,它不起作用。
承载 IdentityServer4 的应用运行正常,表明服务器应用可以访问证书文件。但是,尝试从客户端应用程序登录时会生成以下错误:
WindowsCryptographicException: The system cannot find the file specified.
System.Security.Cryptography.CngKey.Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions)
System.Security.Cryptography.CngKey.Open(string keyName, CngProvider provider)
Internal.Cryptography.Pal.CertificatePal.GetPrivateKey<T>(Func<CspParameters, T> createCsp, Func<CngKey, T> createCng)
Internal.Cryptography.Pal.CertificatePal.GetRSAPrivateKey()
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKey()
Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKeyStatus()
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider.FoundPrivateKey(SecurityKey key)
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, string algorithm, bool willCreateSignatures)
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, string algorithm, bool willCreateSignatures, CryptoProviderFactory cryptoProviderFactory)
Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateSignatureProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateForSigning(SecurityKey key, string algorithm)
Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.CreateEncodedSignature(string input, SigningCredentials signingCredentials)
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.WriteToken(SecurityToken token)
IdentityServer4.Services.DefaultTokenCreationService.CreateJwtAsync(JwtSecurityToken jwt)
IdentityServer4.Services.DefaultTokenCreationService.CreateTokenAsync(Token token)
IdentityServer4.Services.DefaultTokenService.CreateSecurityTokenAsync(Token token)
IdentityServer4.ResponseHandling.AuthorizeResponseGenerator.CreateImplicitFlowResponseAsync(ValidatedAuthorizeRequest request, string authorizationCode)
IdentityServer4.ResponseHandling.AuthorizeResponseGenerator.CreateHybridFlowResponseAsync(ValidatedAuthorizeRequest request)
IdentityServer4.ResponseHandling.AuthorizeResponseGenerator.CreateResponseAsync(ValidatedAuthorizeRequest request)
IdentityServer4.Endpoints.AuthorizeEndpointBase.ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent)
IdentityServer4.Endpoints.AuthorizeEndpoint.ProcessAsync(HttpContext context)
IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events)
IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events)
IdentityServer4.Hosting.MutualTlsTokenEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
如何让客户端应用正常运行?
谢谢
【问题讨论】:
-
您找到解决方案了吗?有完全相同的问题
-
这个答案为我解决了这个问题:X509Certificate Constructor Exception
标签: asp.net-core identityserver4 openid-connect