Eksportuj (0) Drukuj
Rozwiń wszystko
EN
Ta zawartość nie jest dostępna w wymaganym języku. Wersja w języku angielskim znajduje się tutaj.

Control Access to Certificates on a Virtual Machine

Updated: February 14, 2014

Access to certificates containing private keys should be restricted to processes that are fully trusted. Windows Azure VM roles restrict role access by default. Web and worker roles allow all role processes to access the private key by default. To restrict access you must set the permissionLevel attribute on the Certificate element in your service definition file. The permissionLevel attribute specifies the access permissions given to the role processes. If you want only elevated processes to be able to access the private key, then specify elevated permission. limitedOrElevated permission allows all role processes to access the private key. Possible values are limitedOrElevated or elevated. The default value is limitedOrElevated.

  1. Open the ServiceDefinition.csdef file.

  2. Locate you’re the Certificate element for the certificate and add the permissionLevel attribute and set the value to elevated.

    
    <ServiceDefinition name="WindowsAzureProject4" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
      <WorkerRole name="MyWokerRole">
        <ConfigurationSettings>
          . . .
        </ConfigurationSettings>
        <Certificates>
          <Certificate name="MySSLCert" storeLocation="LocalMachine" storeName="My" permissionLevel="elevated" />
        </Certificates>
      </WorkerRole>
    </ServiceDefinition>
    
    
  3. Save the file.

See Also

Pokaż:
© 2014 Microsoft