时间戳

首页 > 解决方案 > Azure devops pfx 安装在远程虚拟机中

azure-devops - Azure devops pfx 安装在远程虚拟机中

问题描述

我正在尝试在我的 azure vm 中安装 pfx 证书并将我的 pfx 文件保存在变量组中并保存了我的 pfx 密码。我正在使用下面的 yaml 脚本进行部署,但它不起作用。我的天蓝色远程虚拟机中没有安装证书。

trigger:
- master
pool:
vmImage: 'windows-latest'
variables:
- group: certificate-variable
steps:
- task: DownloadSecureFile@1
  name: mySecureFile
  displayName: 'Get the pfx file certificat'
  inputs:
  secureFile: '$(signingCert.secureFilePath)'
  - task: PowerShell@2
  inputs:
  targetType: 'inline'
  script: |
  Write-Host "Start adding the PFX file to the certificate store."
  $pfxpath = '$(mySecureFile.secureFilePath)'
  $password = '$(signingCert.password)'
  Add-Type -AssemblyName System.Security
  $cert =New-Object -TypeName 
  System.Security.Cryptography.X509Certificates.X509Certificate2($pfxpath, $password, 
  [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]PersistKeySet)
  $store =New-object system.security.cryptography.X509Certificates.X509Store,CurrentUser
  $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]ReadWrite)
  $store.Add($cert)
  $store.Close()

标签: azure-devopsssl-certificate

解决方案

你可以试试这个power shell脚本

$pfxpath = '$(mySecureFile.secureFilePath)'
$password = '$(signingCert.password)'

Add-Type -AssemblyName System.Security
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import($pfxpath, $password, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]"PersistKeySet")
$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "MY", CurrentUser
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($cert)
$store.Close()

此外,我们可以创建一个变量组并添加一个名为 sSecStrPassword 的变量来保存密码,并添加 power shell 脚本以将构建管道上使用的 .pfx 证书与下载安全文件任务一起使用。您可以参考此答案以获取更多详细信息。

推荐阅读