Deployment info for .NetCore 8 to Azure app service #1491

HBSbwilliamson · 2024-06-26T21:08:35Z

HBSbwilliamson
Jun 26, 2024

Can we add a document section for deployment to an Azure App Service as a web API including storing the auth cert in Azure Key Vault?
string connectionString = builder.Configuration["AzureAD:VaultUri"];
var keyVaultEndpoint = new Uri(connectionString);
var kvClient = new SecretClient(keyVaultEndpoint, new DefaultAzureCredential());
var kvSecret = await kvClient.GetSecretAsync("cert-name");
var kvClientCert = new CertificateClient(keyVaultEndpoint, new DefaultAzureCredential());
var cert = kvClientCert.GetCertificateAsync("cert-name").ConfigureAwait(false).GetAwaiter().GetResult();
var cert_content = cert.Value.Cer;
// This call using GetCertificateAsync returns a certificate without a private key
X509Certificate2 x509 = new X509Certificate2(cert_content);
// This call using GetSecretAsync returns a certificate with the private key (required)
X509Certificate2 x509certificate = new X509Certificate2(Convert.FromBase64String(kvSecret.Value.Value));
builder.Configuration.AddAzureKeyVault(keyVaultEndpoint, new DefaultAzureCredential());

options.Credentials.Configurations.Add("x509certificate",
        new PnPCoreAuthenticationCredentialConfigurationOptions
        {
            ClientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            TenantId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
            {
                Certificate = x509certificate
            }
        });
options.Credentials.DefaultConfiguration = "x509certificate";

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Deployment info for .NetCore 8 to Azure app service #1491

Uh oh!

{{title}}

Uh oh!

Replies: 0 comments

Select a reply

Uh oh!

Deployment info for .NetCore 8 to Azure app service #1491

Uh oh!

HBSbwilliamson Jun 26, 2024

Replies: 0 comments

HBSbwilliamson
Jun 26, 2024