Var denne side nyttig?
Din feedback på dette indhold er vigtigt. Giv os din mening.
Mere feedback?
1500 tegn tilbage
Eksportér (0) Udskriv
Udvid alt
Dette indhold er ikke tilgængeligt på dit sprog, men her er den engelske version.

Get Service Certificate

Updated: July 10, 2015

The Get Service Certificate operation returns the public data for the specified X.509 certificate associated with a cloud service.

The Get Service Certificate request may be specified as follows. Replace <subscription-id> with the subscription ID, <service-name> with the DNS prefix name of the cloud service, <thumbprint-algorithm> with the algorithm for the thumbprint, and <thumbprint> with the thumbprint.


Method Request URI


You must make sure that the request that is made to the management service is secure. For additional details, see Authenticating Service Management Requests.

The following table describes the request headers.


Request Header Description


Required. Specifies the version of the operation to use for this request. This header should be set to 2009-10-01 or higher. For more information about versioning headers, see Service Management Versioning.

The response includes an HTTP status code, a set of response headers, and a response body.

A successful operation returns status code 200 (OK). For information about status codes, see Service Management Status and Error Codes.

The response for this operation includes the following headers. The response may also include additional standard HTTP headers. All standard headers conform to the HTTP/1.1 protocol specification.


Response Header Description


A value that uniquely identifies a request made against the management service.

The format of the response body is as follows:

<?xml version="1.0" encoding="utf-8"?>
<Certificate xmlns=””>

The following table describes the elements of the response body.


Element name Description


Specifies the public portion of the X.509 service certificate as a base-64 encoded form of the .cer file.

The Get Service Certificate operation returns the base-64 encoded binary X.509 certificate data in .cer file format for the specified certificate associated with a cloud service. This certificate can be used to support secure access to a web role or worker role.

The following example method calls the Get Service Certificate operation, prints the public service certificate data to the console, and also writes it to a .cer file. The parameters include the subscription ID, a management certificate associated with the subscription, the DNS prefix name for the cloud service, and the encoding algorithm and thumbprint for the requested certificate. Currently, only sha1 is supported as the encoding algorithm. The data is written to a file in the current user’s documents directory with a name combining the service name and thumbprint. The example does no error checking and will throw exceptions if the operation fails, the certificate is not found, or the file cannot be written.

/// <summary>
/// Calls the Get Certificate operation in the Service Management 
/// REST API for the certificate in the specified hosted service with 
/// the specified algorithm and thumbprint, and writes the Base-64
/// encoded public X.509 certificate data to the console and to the
/// user's documents directory.
/// </summary>
/// <param name="managementCert">The management certificate used to access the service.</param>
/// <param name="subscriptionId">The subscription identifier for the service.</param>
/// <param name="serviceName">The DNS prefix name of the hosted service containing the certificate to get.</param>
/// <param name="algorithm">The encryption algorithm for the certificate to get, for example, "sha1".</param>
/// <param name="thumbprint">The thumbprint for the certificate to get.</param>
/// <returns>The HostedServices XML element from the response.</returns>
public static void GetCertificateExample(
    X509Certificate2 managementCert,
    string subscriptionId,
    string serviceName,
    string algorithm,
    string thumbprint)
    HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(
            "{0}" +
            subscriptionId, serviceName, algorithm, thumbprint));
    request.Method = "GET";
    request.ContentType = "application/xml";
    HttpWebResponse response = (HttpWebResponse)request.GetResponse();
    if (response.ContentLength > 0)
        using (XmlReader reader = XmlReader.Create(response.GetResponseStream()))
            XDocument responseBody = XDocument.Load(reader);
            XNamespace wa = "";
            string data =
                responseBody.Element(wa + "Certificate").Element(wa + "Data").Value;
            // Write out the data in Base-64 encoded .cer file format
            // to a file named <serviceName>_<thumbprint>.cer
            const int LineLength = 64;
            StringBuilder output = new StringBuilder();
            output.AppendLine("-----BEGIN CERTIFICATE-----");
            for (int offset = 0; offset < data.Length; offset += LineLength)
                int remaining = data.Length - offset;
                    offset, remaining < LineLength ? remaining : LineLength));
            output.AppendLine("-----END CERTIFICATE-----");
            string certificatePath = Path.Combine(
                serviceName + "_" + thumbprint + ".cer");
            using (StreamWriter writer = new StreamWriter(certificatePath, false))
            // Display the data on the console
            Console.WriteLine("Wrote certificate data to {0}{1}{2}", 
                certificatePath, Environment.NewLine, output.ToString());

When run with the appropriate parameters, the console output of this method will resemble the following:

Wrote certificate data to C:\Users\username\Documents\MyHostedService1_2EA90CBB65EFCF71C92F55363954A16B87941ECD.cer

See Also

© 2015 Microsoft