How to Create a x509 Certificate for the Windows Azure Management API
Cut to the chase. Here is how you do it.
- Load the IIS 7 management console. I’m assuming here you have IIS7 installed since its required for the Windows Azure SDK.
- Click on your Server.
- Double Click Server Certificates in the IIS Section in the main panel.
- Click Create Self-Signed Certificate… in the Actions panel.
- Give it a Friendly Name.
- Close IIS Manager.
- Open Certificate Manager (Start->Run->certmgr.msc)
- Open Trusted Root Certification Authorities, then Certificates.
- Look for your certificate (Tip: Look in the Friendly Name column).
- Right Click your certificate, then choose All Tasks, then Export…
- In the Wizard, choose No, do not export the private key, then choose the DER file format.
- Give your cert a name. (remember to call it something.cer).
- Navigate to the Windows Azure Portal – http://windows.azure.com
- Click the Account Tab, then click Manage My API Certificates.
- Browse to the certificate file you created earlier and upload it.
- Done!
Want to use the API, check out these Windows Azure Service Management CmdLets on code gallery – http://code.msdn.microsoft.com/azurecmdlets and script your upgrades.
THIS POSTING IS PROVIDED “AS IS” WITH NO WARRANTIES, AND CONFERS NO RIGHTS
Comments are closed.
about 2 months ago
Good post! Couple of things to note
- If you’re exporting the key to use it on another machine, you *must* export the private key. You need the private key installed on your machine to make API calls work
- If you’re a command line junkie, you can just do “makecert -r -pe -a sha1 -n “CN=Windows Azure Authentication Certificate” -ss My -len 2048 -sp “Microsoft Enhanced RSA and AES Cryptographic Provider” -sy 24 yourapicert.cer”
about 2 months ago
Thanks for pointing that out Sriram. I was too lazy to install the Windows SDK and get the command line tool – i figured most folks would have IIS installed so went that route