Open askew opened 6 years ago
Thanks for reporting this, we're looking into what possible enhancements we can make in this area
I've been researching at the feasibility of writing more services in different languages, and utilizing the Service Fabric Rest API within. The usability of these environment variables is crucial. Any updates on this @samedder or @craftyhouse ? Not a huge priority but, these variables are hard to even find documentation on. Thanks!
When SF creates a container based service (using Windows containers) it automatically creates a client certificate and puts this in the following environment variables in the container.
Fabric_RuntimeSslConnectionCertEncodedBytes
Fabric_RuntimeSslConnectionCertKey
Fabric_RuntimeSslConnectionCertThumbprint
The key is from code in
CryptoUtility::GenerateExportableKey
which creates a base64 encoding of the data exported by the CryptoAPI functionCryptExportKey
. This can only be used by importing with the correspondingCryptImportKey
function.It would be far more useful if
CryptoUtility::GenerateExportableKey
made a call toCryptEncodeObjectEx
to encode the key data in a standard RSA private key format. This way the certificate in the environment variables can be used in code other than native Windows C++.