我遇到的问题类似于此处描述的问题:
Import-AzurePublishSettingsFile throws CryptographicException
我们从IIS调用Powershell以编程方式部署VM。此过程的一部分涉及为新客户加载新的发布设置文件。尝试这样做时,我们收到以下错误:
Import-AzurePublishSettingsFile : An internal error occurred.
At C:\WebApps\Provisioning\PowerShellScripts\vmDeploy.ps1:152 char:2
+ Import-AzurePublishSettingsFile ($outputDir + "\" + $azSettingsFile)
-ErrorActi ...
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:)
[Import-AzurePublishSettingsFile], CryptographicException
+ FullyQualifiedErrorId :
Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand
我预感这与用户空间有关,就好像我从交互式PS会话中运行完全相同的脚本,在同一台服务器上,它工作正常。
有关如何解决此问题的任何想法?
编辑:来自Powershell的堆栈跟踪:
PSMessageDetails :
Exception : System.Security.Cryptography.CryptographicException: An internal error occurred.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password)
at Microsoft.WindowsAzure.Commands.Utilities.Common.PublishSettingsImporter.PublishSubscriptionToAzureSubscription(PublishDataPublishProfile profile, PublishDataPublishProfileSubscription s) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\PublishSettingsImporter.cs:line 56
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
at Microsoft.WindowsAzure.Commands.Utilities.Common.WindowsAzureProfile.ImportPublishSettings(String fileName) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\WindowsAzureProfile.cs:line 293
at Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand.ImportFile(String fileName) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands\Subscription\ImportAzurePublishSettings.cs:line 95
at Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand.ExecuteCmdlet() in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands\Subscription\ImportAzurePublishSettings.cs:line 46
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletBase.ProcessRecord() in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\CmdletBase.cs:line 96
TargetObject :
CategoryInfo : CloseError: (:) [Import-AzurePublishSettingsFile],
CryptographicException
FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand
ErrorDetails :
InvocationInfo : System.Management.Automation.InvocationInfo
ScriptStackTrace : at <ScriptBlock>, C:\WebApps\Provisioning\PowerShellScripts\vmDeploy.ps1: line 163
PipelineIterationInfo : {}
MyCommand : Import-AzurePublishSettingsFile
BoundParameters : {}
UnboundArguments : {}
ScriptLineNumber : 163
OffsetInLine : 2
HistoryId : 1
ScriptName : C:\WebApps\Provisioning\PowerShellScripts\vmDeploy.ps1
Line : Import-AzurePublishSettingsFile ($outputDir + "\" +
$azSettingsFile) -ErrorAction Stop
PositionMessage : At C:\WebApps\Provisioning\PowerShellScripts\vmDeploy.ps
1:163 char:2
+ Import-AzurePublishSettingsFile ($outputDir + "\"
+ $azSettingsFile) -ErrorActi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PSScriptRoot : C:\WebApps\Provisioning\PowerShellScripts
PSCommandPath : C:\WebApps\Provisioning\PowerShellScripts\vmDeploy.ps1
InvocationName : Import-AzurePublishSettingsFile
PipelineLength : 0
PipelinePosition : 0
ExpectingInput : False
CommandOrigin : Internal
DisplayScriptPosition :
00000000000000000000000000000000000000000000000000000000000000000000000000000000
Message : An internal error occurred.
Data : {}
InnerException :
TargetSite : Void ThrowCryptographicException(Int32)
StackTrace : at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle&pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password)
at Microsoft.WindowsAzure.Commands.Utilities.Common.PublishSettingsImporter.PublishSubscriptionToAzureSubscription(PublishDataPublishProfile profile, PublishDataPublishProfileSubscription s) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\PublishSettingsImporter.cs:line 56
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Collections.Generic.List`1..ctor(IEnumerable`1collection)
at System.Linq.Enumerable.ToList[TSource](IEnumerable`1source)
at Microsoft.WindowsAzure.Commands.Utilities.Common.WindowsAzureProfile.ImportPublishSettings(String fileName) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\WindowsAzureProfile.cs:line 293
at Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand.ImportFile(String fileName) in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands\Subscription\ImportAzurePublishSettings.cs:line 95
at Microsoft.WindowsAzure.Commands.Subscription.ImportAzurePublishSettingsCommand.ExecuteCmdlet() in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands\Subscription\ImportAzurePublishSettings.cs:line 46
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletBase.ProcessRecord() in c:\workspace\workspace\build-azure-sdk-tools-msi\WindowsAzurePowershell\src\Commands.Utilities\Common\CmdletBase.cs:line 96
HelpLink :
Source : mscorlib
HResult : -2146893792
答案 0 :(得分:0)
答案:
我们将IIS应用程序池的用户上下文更改为本地管理员,这解决了该问题。这表明问题是从先前的上下文访问加密存储。然而,错误和堆栈跟踪太模糊,无法证实这一假设。
答案 1 :(得分:0)
使用WAML库进行计算,我可以部署 - 但是,我必须使用稍微不同的凭据加载:
X509Certificate2 certificate = new X509Certificate2(
Convert.FromBase64String(encodedCertificate),
"MyPrivateKey",
X509KeyStorageFlags.MachineKeySet);
基本上我需要告诉系统从机器密钥集加载(即使我的证书是本地的),然后CryptographicException就会消失。
我猜这可能有些相似 - 即使您使用的是PowerShell,它也是建立在WAML预览之上的。
答案 2 :(得分:0)
我们的构建代理在Azure VM上运行,它一直工作正常但突然停止工作一天,显然没有任何理由上述错误。
登录到VM并手动运行Import-AzurePublishSettingsFile "FileName"
将完美运行。
我们发现我们的构建代理设置不正确,并且在用户帐户下运行,其MSDN凭据已更改。
我们首先通过重新启动VM来解决问题 - 这会终止在其他用户帐户下运行的任何构建代理进程(在我们的例子中有一个,它阻止我们运行下面的下一步)
接下来,如果您通过运行脚本(作为管理员)将构建代理安装为服务,那么它是最好的
<agent home>/bin/service.install.bat file
您可以通过检查服务名为&#34; Team City Agent&#34;的Computer Management -> Services
对话框来检查服务是否已安装。 (或类似的东西正在运行),假设其他所有设置都正常你的构建应该开始工作(或至少通过上面的加密错误:))
可以在此处找到更多信息:https://confluence.jetbrains.com/display/TCD8/Setting+up+and+Running+Additional+Build+Agents