无法将FabricClient验证到受保护的Service Fabric群集

本文介绍了无法将FabricClient验证到受保护的Service Fabric群集的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我有一个安全的服务结构集群.相同的证书被用作服务器证书和客户端身份验证.我无法在控制台应用程序中创建FabricClient，该应用程序将允许我连接到此群集.我正在使用使用客户端证书连接到安全群集"下的:

I have a secured service fabric cluster. The same certificate is being used as the server certificate and for client authentication. I am unable to create a FabricClient in a console application that will allow me to connect to this cluster. I am using the code snippet documented here under "Connect to a secure cluster using a client certificate":

static void Main(string[] args)
{
    string thumb = "‎1234567890123456789012345678901234567890";
    string CommonName = "somefabric.cloudapp.azure.com";
    string connection = "somefabric.cloudapp.azure.com:19000";

    try
    {
        X509Credentials xc = GetCredentials(thumb, thumb, CommonName);
        FabricClient fc = new FabricClient(xc, connection);
        Console.WriteLine("Cluster is connected");
    }
    catch (Exception e)
    {
        Console.WriteLine(e.Message);
    }
    Console.ReadKey();
}


static X509Credentials GetCredentials(string clientCertThumb, string serverCertThumb, string name)
{
    X509Credentials xc = new X509Credentials();

    // Client certificate
    xc.StoreLocation = StoreLocation.CurrentUser;
    xc.StoreName = "MY";
    xc.FindType = X509FindType.FindByThumbprint;
    xc.FindValue = clientCertThumb;

    // Server certificate
    xc.RemoteCertThumbprints.Add(serverCertThumb);
    xc.RemoteCommonNames.Add(name);

    xc.ProtectionLevel = ProtectionLevel.EncryptAndSign;
    return xc;
}

此代码导致

似乎证书确实通过其他方式授予了我访问权限.我能够成功查看Fabric Explorer和以下PowerShell命令也成功连接到集群

It seems like the certificate does grant me access via other means. I am able to successfully view the Fabric Explorer andthe following PowerShell command also connects to the cluster successfully

Connect-ServiceFabricCluster 
    -ConnectionEndpoint somefabric.cloudapp.azure.com:19000 
    -X509Credential 
    -FindType FindByThumbprint 
    -FindValue 1234567890123456789012345678901234567890 
    -StoreLocation CurrentUser 
    -StoreName MY 
    -ServerCertThumbprint 1234567890123456789012345678901234567890

我在做什么错了?

推荐答案

我完全解决了这个确切的问题，但原因却大不相同.

I fell over this exact problem but the cause was quite different.

我对此感到困惑；

https资源管理器正常工作(在IExporer中)
Powershell Connect-ServiceFabricCluster也起作用.
Visual Studio发布失败

我发现我的指纹值后面附加了4个不可见字符，这可能是剪切和粘贴操作的产物.怎么，为什么呢?邓诺

I found out that there were 4 invisible characters appended to my thumbprint value, probably an artifact of a cut and paste operation. How, why? Dunno

只有在编辑Deploy-FabricApplication添加此行之后，我才发现这一点.

I found that out only after i edited Deploy-FabricApplication to add this line.

$publishProfile.ClusterConnectionParameters|Format-List

就在

[void](Connect-ServiceFabricCluster @ClusterConnectionParameters)

然后我看到看不见的字符显示为????在指纹的末尾.

I then saw the invisible characters displayed as ???? at the end of the thumbprint.

使用Binary编辑器打开Cloud.xml文件使我可以看到它们并将其删除.

Opening the Cloud.xml file with the Binary editor allowed me to see them and delete them.

然后我可以发布我的应用程序.

Then I could publish my application.

这篇关于无法将FabricClient验证到受保护的Service Fabric群集的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！