Closed nprice22 closed 3 months ago
philon-msft
commented
3 months ago Could you try setting configurationOptions.User = "[SP principal ID]"? The SP's principal ID should appear as the Username on the cache's Authentication view in the Azure Portal.
nprice22
commented
3 months ago Turns out our deploy system was pushing an older version of the StackExchange.Redis library which didn't meet the requirement of the 2.7.33 version required by the Microsoft.Azure.StackExchangeRedis library. After ensuring 2.7.33+ was being used, SP based auth started working.
Hello,
I'm trying to use the SNI cert based auth using a SP to access Azure Cache for Redis on version 3.1.0 of this package. Here's the code snippet I'm using:
await configurationOptions.ConfigureForAzureAsync(new AzureCacheOptions { ClientId = clientId, ServicePrincipalTenantId = tenantId, ServicePrincipalCertificate = certificate, SendX5C = true // Enables Subject Name + Issuer authentication });
On this line of code, I'm getting the following error:
System.AggregateException: One or more errors occurred. ---> System.ArgumentNullException: Value cannot be null.d__6.MoveNext() in ...\src\AzureCacheForRedis.cs:line 116
Parameter name: token
at Microsoft.Azure.StackExchangeRedis.AzureCacheOptions.<>c.<.ctor>b__14_1(String token) in ...\src\AzureCacheOptions.cs:line 92
at StackExchange.Redis.AzureCacheForRedis.
I've validated that the parameters for clientid, tenantid, and the certificate are correct. I've also validated that the SP is set up as data reader on the redis instance as well as entraid auth being enabled. The SP is also authed with the SNI cert I'm attempting to use.
This appears to be the line it's failing on: https://github.com/Azure/Microsoft.Azure.StackExchangeRedis/blob/a1a4bef386ba3fd7ca38f36ea38b20da8f10bced/src/AzureCacheOptions.cs#L85C13-L85C60
Are there any additional steps I can do to troubleshoot this problem? Are there any alternative ways to use SNI auth with a SP to access an Azure Cache for Redis instance I could try?