1

I have a certificate uploaded to Azure and it's in the configuration like...

```xml
<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration serviceName="MyService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="4" osVersion="*" schemaVersion="2014-01.2.3">
  <Role name="MyRole">
    <Instances count="1" />
    <ConfigurationSettings>
      ...
    </ConfigurationSettings>
    <Certificates>
      <Certificate name="MyCert" thumbprint="CB3611F7D2406AB12094AE9489C50FE1A8B6BFF6" thumbprintAlgorithm="sha1" />
    </Certificates>
  </Role>
</ServiceConfiguration>
```

Is there anything like...

```csharp
X509Certificate2 myCert = Config.Certs["MyCert"];
```

or even similar to get the thumbprint to pull it out of the store directly? I don't see anywhere in the runtime SDK where I can get the cert or even the thumbprint.

noctonura
  • It seems to me like allowing this kind of access to the certificate would be a *"bad idea"*. Personally, if I had to do this I would probably use a different certificate and add it as a resource. [Have a look here for possible solution](http://stackoverflow.com/questions/5661925/how-can-you-get-a-certificate-in-code-on-windows-azure) – Vasily Sliounaiev Apr 18 '14 at 23:15

2 Answers

1

There is no way to enumerate the certs. The standard way to implement this is to add the cert thumbprint as a configuration setting in the csdef/cscfg and then look up the thumbprint at runtime via that configuration setting.

kwill
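The configuration-setting approach described in the answer above, as an added example (not code from the answer or from the Azure SDK). The setting name `MyCertThumbprint`, the class name, and the LocalMachine/My store location are assumptions; the lookup fails closed instead of returning null when the thumbprint is malformed or the certificate is absent.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using Microsoft.WindowsAzure.ServiceRuntime;

// Assumed configuration (the setting name is hypothetical):
//   ServiceDefinition.csdef:    <Setting name="MyCertThumbprint" />
//   ServiceConfiguration.cscfg: <Setting name="MyCertThumbprint" value="..." />
//   where the value repeats the thumbprint of the <Certificate name="MyCert"> element.
public static class RoleCertificates
{
    public const string ThumbprintSetting = "MyCertThumbprint"; // hypothetical name

    public static X509Certificate2 Load()
    {
        string raw = RoleEnvironment.GetConfigurationSettingValue(ThumbprintSetting);
        return FindInStore(Normalize(raw), StoreName.My, StoreLocation.LocalMachine);
    }

    // Thumbprints pasted from the certificate dialog often carry spaces or an
    // invisible U+200E mark, which makes the store lookup silently return nothing.
    // Keep hex digits only and require the 40-digit SHA-1 length.
    public static string Normalize(string raw)
    {
        string hex = new string((raw ?? "").Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();
        if (hex.Length != 40)
            throw new FormatException(
                "Setting '" + ThumbprintSetting + "' is not a 40-digit SHA-1 thumbprint.");
        return hex;
    }

    public static X509Certificate2 FindInStore(string thumbprint, StoreName name, StoreLocation location)
    {
        var store = new X509Store(name, location);
        try
        {
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            // validOnly: false so a self-signed certificate is still returned.
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
                throw new InvalidOperationException(
                    "No certificate " + thumbprint + " in " + location + "\\" + name + ".");
            return found[0];
        }
        finally
        {
            store.Close();
        }
    }
}
```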
0
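```csharp
using System.Security.Cryptography.X509Certificates;

private static X509Certificate2 GetCertificate()
{
    // Open the local machine's personal (My) store read-only.
    var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
    // validOnly: false, so certificates that fail chain validation are still returned.
    X509Certificate2Collection matchedCertificates =
        store.Certificates.Find(X509FindType.FindByThumbprint, "XXXXX", false);

    // Initialized to null so the method compiles and returns null when nothing matches.
    X509Certificate2 cert = null;
    if (matchedCertificates.Count > 0)
    {
        cert = matchedCertificates[0];
    }
    store.Close();
    return cert;
}
```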