0
votes

I need to call a REST API from an Azure Function app, and the API requires a client certificate. I followed "How to manage signed certificates with Azure Function V2" and did the steps below:

1) I have uploaded my private key certificate (.PFX) in TLS/SSL settings under private key certificates.

2) Added a key under Configuration / Application settings for

WEBSITE_LOAD_CERTIFICATES: "My Cert Thumbprint"

Then I tried to access the certificate in my code using this:

using System;
using System.Security.Cryptography.X509Certificates;

...
X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
certStore.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = certStore.Certificates.Find(
                            X509FindType.FindByThumbprint,
                            // Replace below with your certificate's thumbprint
                            "000000000000000000000000000000000000000",
                            false);
// Get the first cert with the thumbprint
if (certCollection.Count > 0)
{
    X509Certificate2 cert = certCollection[0];
    // Use certificate
    Console.WriteLine(cert.FriendlyName);
}
certStore.Close();
...

I don't get back any certificate. What am I doing wrong? If I upload a public certificate (.cer), I am able to access the certificate, but it doesn't have the private key, so I am unable to call the service.

1 Answers

1
votes

First, please check that you have copied the thumbprint (in the screenshot below) to your function application setting WEBSITE_LOAD_CERTIFICATES.

Then please test with some other fields of the cert in your code, because sometimes the certificate doesn't have a FriendlyName. I tested on my side and it showed nothing for FriendlyName. Then I tested with Issuer, and it worked fine. (Notice I use log.LogInformation(cert.Issuer); instead of Console.WriteLine(cert.Issuer); because I find Console.WriteLine shows nothing.)
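
The checks discussed in this thread, combined into one diagnostic helper. This is an added example, not code from the question or the answer. The class and method names (ClientCertLoader, Normalize, Load, CreateClient) are hypothetical, and it assumes the certificate is exposed through the CurrentUser\My store as in the question's code.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Extensions.Logging;

public static class ClientCertLoader   // hypothetical helper, not part of any SDK
{
    // Keep only hex digits: thumbprints pasted from a certificate dialog can
    // carry spaces or an invisible leading character that makes Find() miss.
    public static string Normalize(string thumbprint) =>
        new string((thumbprint ?? "").Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();

    public static X509Certificate2 Load(string thumbprint, ILogger log)
    {
        string wanted = Normalize(thumbprint);
        // App settings reach the function as environment variables.
        string setting = Environment.GetEnvironmentVariable("WEBSITE_LOAD_CERTIFICATES") ?? "";
        bool listed = setting.Trim() == "*" ||
                      setting.Split(',').Any(t => Normalize(t) == wanted);
        if (!listed)
            log.LogWarning("Thumbprint {Thumbprint} is not listed in WEBSITE_LOAD_CERTIFICATES", wanted);

        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly: false, as in the question, so an untrusted chain does not hide the cert.
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, wanted, false);
            log.LogInformation("Store has {Total} certificate(s), {Matches} match",
                store.Certificates.Count, found.Count);
            if (found.Count == 0) return null;

            X509Certificate2 cert = found[0];
            // FriendlyName is often empty, so log fields that are always set.
            log.LogInformation("Subject={Subject} Issuer={Issuer} NotAfter={NotAfter} HasPrivateKey={HasKey}",
                cert.Subject, cert.Issuer, cert.NotAfter, cert.HasPrivateKey);
            return cert.HasPrivateKey ? cert : null; // no key, no client authentication
        }
    }

    public static HttpClient CreateClient(X509Certificate2 cert)
    {
        var handler = new HttpClientHandler { ClientCertificateOptions = ClientCertificateOption.Manual };
        handler.ClientCertificates.Add(cert);
        return new HttpClient(handler);
    }
}
```

Load returns null both when nothing matches and when the match has no private key; the log lines show which case occurred.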