我通过http触发器themeplate编写了一个c# . net 6 azure函数,并在本地进行了测试,成功地使用OpenSSL生成了一个privateKeyFile。和一个csrFile.csr. conf文件。在本地运行函数,它工作得很好,我发现两个生成的文件都在projectFolder>bin>debug路径中。
当我在Azure (Linux环境)中部署我的函数并以同样的方式测试它时,出现OpenSSL错误:无法打开"privateKeyFile.key">
<n">我有两个问题:
- 是否有一种方法来授予写权限,以完成操作?
- 我应该在哪里找到创建的文件?
我的函数代码(我不认为阅读它可以帮助理解问题,无论如何我把它留在这里)
using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using System.Text;
using System.Diagnostics;
namespace CertificateManager
{
public static class Function1
{
[FunctionName("Function1")]
public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
log.LogInformation("C# HTTP trigger function processed a request.");
var response = new CsrResponse();
var originalName = req.Query["Organization"];
var name = originalName.ToString().ToLowerInvariant();
var keyFileName = $"{name}.key";
var csrFileName = $"{name}.csr";
DeleteFileIfExists(keyFileName);
DeleteFileIfExists(csrFileName);
var subject = $"/C={req.Query["Country"]}/ST={req.Query["State"]}/L={req.Query["Location"]}/O={req.Query["Organization"]}/OU={req.Query["OrganizationalUnit"]}/CN={req.Query["CommonName"]}";
var command = $" req -nodes -newkey rsa:4096 -keyout "{keyFileName}" -out "{csrFileName}" -subj "{subject}"";
var logs = ExecuteOpenSsl(command);
response.Logs = logs.ToString();
if (File.Exists(csrFileName))
{
var text = new StringBuilder();
text.AppendLine(await File.ReadAllTextAsync(csrFileName));
text.AppendLine(await File.ReadAllTextAsync(keyFileName));
response.CsrText = text.ToString();
}
log.LogInformation(response.ToString());
return new OkObjectResult(response);
}
private static StringBuilder ExecuteOpenSsl(string command)
{
var logs = new StringBuilder();
var executableName = "openssl";
var processInfo = new ProcessStartInfo(executableName)
{
Arguments = command,
UseShellExecute = false,
RedirectStandardError = true,
RedirectStandardOutput = true,
CreateNoWindow = true
};
var process = Process.Start(processInfo);
while (!process.StandardOutput.EndOfStream)
{
logs.AppendLine(process.StandardOutput.ReadLine());
}
logs.AppendLine(process.StandardError.ReadToEnd());
return logs;
}
private static void DeleteFileIfExists(string keyFileName)
{
if (System.IO.File.Exists(keyFileName))
{
System.IO.File.Delete(keyFileName);
}
}
// models
public class CsrResponse
{
public string CsrText { get; set; }
public string Logs { get; set; }
}
}
}
感谢@Ketan张贴您的建议在社区wiki中帮助其他社区成员解决类似问题,以便他们可以找到解决他们的问题。
WEBSITE_RUN_FROM_PACKAGE应用程序设置值为1,zip部署api将您的包复制到d:homedata siteppackages文件夹,而不是将文件解压缩到d:homesitewwwroot。它还创建packagename.txt文件。重新启动后,包为作为只读文件系统挂载到wwwroot。从包中运行Wwwroot只读,因此在将文件写入时将收到错误这目录。
- 还要确保你已经在azure的配置中添加了
connection string作为localsettings.json,而不是自动上传到云端。
更多信息请参考SO THREAD|Azure函数写入文件