问题
I've imported a public certificate to my azure function through
My Azure function app service -> Platform Features tab -> SSL -> Public Key Certificates (.cer)
Now how do I access this through my azure function?
I've tried researching this but the only results I can find are for using a private certificate
Currently to get around this I am telling node to ignore the self signed certificate for the endpoint I am integrating with by setting process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
I would like to use the certificate instead.
Edit:
I ended up adding the certificate chain to a folder and reading the files from the folder in my application. Still doesn't answer the question on how to use the azure uploaded certificate though
const https = require('https');
https.globalAgent.options.ca = [
fs.readFileSync(__dirname + '/certs/master.pem'),
fs.readFileSync(__dirname + '/certs/root.pem')
];
回答1:
You can get the certificate uploaded on the TLS/SSL settings by configuring the app settings WEBSITE_LOAD_CERTIFICATES with the value of the certificate thumbprint.
the below is the code where you can fetch the certificate in a programmatic manner using node.js (with npm package 'win-ca').
const http = require('http');
const ca = require('win-ca');
// Create an instance of the http server to handle HTTP requests
let app = http.createServer((req, res) => {
// Set a response type of plain text for the response
res.writeHead(200, { 'Content-Type': 'text/plain' });
// certificate fetch
let certificates = []
// Fetch all certificates in PEM format from My store
ca({
format: ca.der2.pem,
store: ['My'],
ondata: crt => certificates.push(crt)
})
// Send back a response and end the connection
res.end("Certificate count under 'My' store is" + certificates.length);
});
let port = process.env.PORT || 3000;
// Start the server on port 3000
app.listen(port);
console.log('Node server running on port ' + port);
You can change the store parameter to which you want the certificate from ex: Root, My, CertificationAuthority, AuthRoot.
回答2:
I created an issue with the documentation page and they updated it to say you can only load SSL certs stored in azure with c#
If you're not using c# you have to store the ssl cert in a folder with your code and read it from the file as in my example.
来源:https://stackoverflow.com/questions/58527882/how-to-access-a-public-certificate-in-a-node-js-azure-function