Я пытаюсь синхронизировать c на предварительных ключах с настройкой azure в облаке, чтобы обе среды могли расшифровать маркеры доступа к заголовку авторизации.
В настоящее время у меня есть эта настройка:
Добавлен существующий файл ключа xml в этом формате в azure хранилище BLOB-объектов:
<?xml version="1.0" encoding="utf-8"?>
<key id="id..." version="1">
<creationDate>2018-05-08T17:44:54.9313191Z</creationDate>
<activationDate>2018-05-08T17:44:54.8979462Z</activationDate>
<expirationDate>2023-05-07T17:44:54.8979462Z</expirationDate>
<descriptor deserializerType="Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel.AuthenticatedEncryptorDescriptorDeserializer, Microsoft.AspNetCore.DataProtection, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60">
<descriptor>
<encryption algorithm="AES_256_CBC" />
<validation algorithm="HMACSHA256" />
<masterKey p4:requiresEncryption="true" xmlns:p4="http://schemas.asp.net/2015/03/dataProtection">
<!-- Warning: the key below is in an unencrypted form. -->
<value>my-shared-key</value>
</masterKey>
</descriptor>
</descriptor>
</key>
Зарегистрированный ключ во время приложения запуск такой:
services.AddDataProtection()
.SetApplicationName("common-app-name")
.DisableAutomaticKeyGeneration()
.PersistKeysToAzureBlobStorage(new Uri("my uri/sas"));
Просмотр этих предупреждений / ошибок во время запуска:
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
Unknown element with name 'creationDate' found in keyring, skipping.
Loaded
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'creationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'activationDate' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
Unknown element with name 'activationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'expirationDate' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
Unknown element with name 'expirationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'descriptor' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
Unknown element with name 'descriptor' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider:Error: An error occurred while reading the key ring.
System.InvalidOperationException: The key ring does not contain a valid default protection key. The data protection system cannot create a new key because auto-generation of keys is disabled.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow)
fail: Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48]
An error occurred while reading the key ring.
Где я тут ошибаюсь?
Заранее спасибо.
обновление:
Также пробовал этот способ регистрации ключей azure, но все еще видит ту же ошибку:
var storageAccount = CloudStorageAccount.Parse("<connectionstring + access key>");
var client = storageAccount.CreateCloudBlobClient();
var container = client.GetContainerReference("dev");
container.CreateIfNotExistsAsync().GetAwaiter().GetResult();
services.AddDataProtection()
.SetApplicationName("common-name")
.PersistKeysToAzureBlobStorage(container, "keys.xml")
.DisableAutomaticKeyGeneration();