我正在尝试通过AWS DocumentDB函数连接到C# Lambda。
问题是TLS上启用了DocumentDB,并且需要我将证书添加到本地存储。
如果我在EC2上运行,这很好,因为它需要READ/WRITE对本地文件系统的访问。
由于我正在Lambda上运行,因此不确定如何实现此目标。
Documentation that I've referenced。
我已经在Lambda中尝试了示例代码,并且得到了以下IOException(因为它需要读/写访问权限):
The X509 certificate could not be added to the store.: CryptographicException
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)
at System.Security.Cryptography.X509Certificates.X509Store.Add(X509Certificate2 certificate)
at Lambdas.DependencyRegistar.ConfigureMongoDatabase() in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 113
at Lambdas.DependencyRegistar.ConfigureServices(IServiceCollection services) in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 35
at Lambdas.Handlers.BaseLambdaHandler..ctor(IServiceCollection services) in /build_and_deploy/src/Lambdas/Handlers/BaseLambdaHandler.cs:line 36
--> Read-only file system: IOException <--
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.AddCertToStore(ICertificatePal certPal)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)
相同的代码在Windows机器上可以在本地正常运行(因为我能够将证书成功添加到本地存储中)。