Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Azure

Securing Your SharePoint and Windows Azure Solutions : Configuring Shared Access Permissions for BLOB Storage - Using Certificate-Based Authentication

11/28/2012 4:28:47 PM
- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
As a part of securing your applications within Windows Azure, you might want to use a trusted certificate. A trusted certificate (also called a Secure Sockets Layer Certificate or SSL) helps to encrypt sensitive data as it moves throughout your application. When you use a trusted certificate and you’re moving sensitive data around or across site boundaries, this data cannot be intercepted by outside parties. You can buy trusted certificates from ISPs such as GoDaddy, or you can create your own by using Certification Manager. In this section, you’ll create a self-signed certificate that you’ll then upload into Windows Azure and use within a simple console application to illustrate the handshake across client and server.

Using Certification Manager (CertMgr.exe), you can create a self-signed trusted certificate and publish that certificate to the Trusted Publishers store on a client computer. The trusted certificate can then be uploaded to Windows Azure and used in your application development and design as a part of the authentication process. Client authentication requires the X.509 certificate, which is an industry-defined certificate and standard.

Create and Upload an X.509 Client Certificate to Windows Azure

  1. Open Internet Information Services (IIS) 7, click the top-level folder (your computer name), and click Server Certificates in the Content View.

  2. In the right pane, click Create Self-Signed Certificate.

  3. In the Create Self-Signed Certificate wizard, type a name for the certificate (such as MyNewCert) and click OK.

  4. Exit IIS and type mmc in the Start menu Search Programs And Files field—this is the shortcut to open the Microsoft Management Console application.

  5. Click File | Add/Remove Snap-In.

  6. In the Add Or Remove Snap-Ins dialog box, click Certificates and then click Add.

  7. Select Computer Account in the Certificates Snap-In wizard, then click Next, then Finish, and then OK.

  8. Find the certificate you just added by navigating to Certificates\Personal\Certificates in the root console view. Your newly created certificate should be listed in the Management Console—as shown here.

    image with no caption
  9. Right-click the certificate, select All Actions, and then select Export.

  10. 10. In the Certificate Export wizard, select Next, and then select No. Do not export the private key, accept the default DER encoded binary X.509 option, and click Next. Browse to a location to save the certification file, and provide a file name (such as MyNewCert.cer). Click Save and then Finish.

    Now that you’ve completed the export of the certificate, you can upload the certificate to Windows Azure. This is a straightforward process that you do through the Windows Azure developer portal.

  11. Navigate to your Windows Azure developer portal (https://windows.azure.com/Default.aspx).

  12. Select Hosted Services, Storage Accounts & CDN in the main portal view.

  13. Click Management Certificates, as shown here.

    image with no caption
  14. Click Add Certificate in the portal ribbon and browse for the certification that you just created, as shown.

    image with no caption
  15. Click Done. Your certificate should now display in the portal, along with additional metadata about the certificate. For example, in the following graphic, you’ll note that the main view shows who the certificate was issued by, the name of the certificate, and additional information such as the thumbprint and subscription ID, which can be used when your program is interacting with Windows Azure.

    image with no caption

    Your certificate is now uploaded to Windows Azure, and you can now use it in your applications. To illustrate, you’ll continue with the exercise to create a simple console application that uses the local certificate you created to establish trust with Windows Azure.

  16. Open Visual Studio 2010 and click File | New Project | Windows And Console Application. Provide a name for the project (such as GetACSCertInformation) and click OK.

  17. Right-click the project and select Properties. On the Resources tab, add a new resource. Provide a name for the resource (such as CertLocation) and then add the directory location and file name of the trusted certificate (for example, c:\Certificates\MyNewCert.cer).

  18. Double-click Program.cs and amend the code as shown here:

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Xml.Linq;
    using System.Net;
    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    
    namespace GetACSCertInformation
    {
        class Program
        {
            static void Main(string[] args)
            {
                var azureRequest = (HttpWebRequest)WebRequest.Create("https://management.
    core.windows.net/<your subscription ID>/services/hostedservices");
                azureRequest.Method = "GET";
                azureRequest.ContentType = "xml";
                azureRequest.ClientCertificates.Add(X509Certificate2.CreateFromCertFile
    (GetACSCertInformation.Properties.Resources.CertLocation));
                azureRequest.Headers.Add("x-ms-version", "2009-10-01");
                var azureResponse = azureRequest.GetResponse().GetResponseStream();
                var xmlResultsFromAzure = new StreamReader(azureResponse).ReadToEnd();
                Console.WriteLine(XElement.Parse(xmlResultsFromAzure));
                Console.ReadLine();
            }
        }
    }

    The code in this application is straightforward: it creates a new WebRequest to interact with Windows Azure (using the REST API). The WebRequest object then loads the trusted certificate from the local system by using the ClientCertificates.Add method. When the call is made to Windows Azure, the certificate is then used to authenticate the incoming request: the certificates are compared, and the request is authenticated. When the request has been authenticated, the server response is an enumeration of the hosted services available in Windows Azure (as requested by the REST URI request). The result for your application should look something similar to that shown here.

    image with no caption
Other -----------------
- Securing Your SharePoint and Windows Azure Solutions : Configuring Shared Access Permissions for BLOB Storage - Using the Service Bus and Access Control Service
- Securing Your SharePoint and Windows Azure Solutions : Create a Windows Forms Application to Display the Shared Access Permissions Signature
- Securing Your SharePoint and Windows Azure Solutions : Configuring BCS Security - Create an Application ID, Assess Permissions on the ECT
- Deploying to Windows Azure : Changing live configuration, Upgrading the deployment, Running the deployment
- Deploying to Windows Azure : Preparation application for deployment, Ready for deployment
- Setting up hosted service in Windows Azure
- Azure Monitoring and Diagnostics : Logging config data in our application, Transferring and persisting diagnostic data
- Azure Monitoring and Diagnostics : Azure Diagnostics­ under the hood, Enabling diagnostic logging
- Web Services and Azure : Our WCF web services
- Web Services and Azure : Creating a new WCF service web role
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
 
programming4us
Natural Miscarriage
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Game Trailer