Setting Up Named Authentication Credentials
To publish a Windows Azure application to Windows Azure from Visual Studio or to monitor an existing hosted service, you must provide credentials that Visual Studio can use to authenticate requests to Windows Azure. In the Windows Azure Platform Management Portal, this authentication process is handled transparently by using your Microsoft Live ID log-in. However, when you use Visual Studio you must explicitly authenticate your subscription. Two items of data are required for this explicit authentication:
Your subscription ID
A valid X.509 v3 certificate
 Note |
|---|
The length of the X.509 v3 certificate's key must be at least 2048 bits. Windows Azure will reject any certificate that does not meet this requirement or that is invalid. |
Visual Studio uses your subscription ID together with the certificate data as credentials.
When you develop a Windows Azure application with Visual Studio, you will be prompted to create or select saved credentials in the following situations:
When you publish an application from Visual Studio for the first time.
When you configure the Windows Azure Compute node in Server Explorer to monitor a hosted service for the first time.
You can use a self-signed certificate or you can use one signed by a certificate authority. If you do not have a certificate that you want to use already installed on your local computer, you can easily create one from Visual Studio when you set up your credentials. Any certificate that you use must be uploaded to the Management Portal. You cannot do this from Visual Studio. You must do this directly from the Management Portal itself. After you have uploaded the certificate, you can then use this as part of your credentials to publish your Windows Azure application or monitor a hosted service.
To be available to use with the Windows Azure Tools for Visual Studio, a certificate must have a private key and must be installed in the Personal store on the local computer.
| Note |
|---|
These credentials that Visual Studio requires to manage your hosted services are not the same credentials that are required to authenticate a request against the Windows Azure storage services. |
You set up your authentication credentials in the Windows Azure Project Management Authentication dialog box. This dialog box is displayed if you perform either of the following actions:
-
When you use Server Explorer to add a deployment environment to the Compute Explorer node, from the Add deployment environment dialog box, open the shortcut menu for the Choose a deployment environment pane and choose New to create new credentials.
-
When you publish a Windows Azure application, from the Publish Windows Azure Project dialog box, select <Add>from Credentials.
The following procedure assumes that the Windows Azure Project Management Authentication dialog box is displayed.
To set up authentication credentials in Visual Studio
-
You can create or select an existing certificate to use for your credentials. To select an existing certificate, select the certificate from Create or select an existing certificate for authentication.
-
To create a new certificate, select Create from Create or select an existing certificate for authentication. Type a friendly name in Enter a friendly name for the new certificate and then choose the OK button.
The new certificate is displayed in the drop-down list.
Important
To use this certificate to publish your Windows Azure application from Visual Studio, you must upload this certificate to the Management Portal.
-
To upload this certificate to the Management Portal, follow these steps:
-
To copy the path for the certificate to the clipboard, choose the Copy the full path button.
-
To go to the Management Portal, choose the Windows Azure Portal button.
-
Sign in to the portal by using your Windows Live ID.
-
To view existing certificates in the Management Portal, choose the Hosted Services, Storage Accounts & CDN button and then choose the Management Certificates button.
-
To add the new certificate, choose the Add certificate button.
The Add new management certificate dialog box is displayed.
-
Select the name of your subscription from Choose a subscription.
-
Choose the Browse button. The Open dialog box is displayed. Use Ctrl+V to paste the path for your new certificate that you created in File name and choose the Open button.
The certificate name is now displayed.
-
To add this certificate to the Management Portal, choose the Done button.
Important
The certificate's public key file contains only the public key. If you want to use the certificate on other computers, you will have to export the key using Certificate Manager. To launch Certificate Manager, in the Windows Start menu, choose Run, then type certmgr.msc.
-
-
To copy the subscription ID, select the ID in the properties window and then press Ctrl+C.
-
To paste the subscription ID in Copy the subscription ID for your account, select this field and use Ctrl+V.
-
To name these credentials, type a name in Name these credentials.
-
To save these credentials, choose the OK button.
You can now use these credentials to publish any of your Windows Azure applications or monitor any of your hosted services. For more information about this, see Publishing a Windows Azure Application using the Windows Azure Tools and Viewing the State of an Azure Application using Server Explorer.
Regards,
Katrina Lyon-Smith
- 5/11/2011
- Katrina - MSFT
The path copied by VS cannot be validated since is not trusted, the certificate is
created with a *.cer extension and the dialog box filter files other than
*.pfx. The process is absurdly cumbersome and the implementation is worst,
better not mentioning the 'help'.
It is ridiculous the amount of time that is needed to link and upload a single file
in comparison with software development.
Cloudy in Seattle
PD: Bill, please come back !
- 4/28/2011
- williamtheconqueror
- 4/15/2011
- Coffee_fan
