我正在尝试使用 bash 脚本在 api 管理中设置自定义域。我知道可以使用 powershell 来完成
# Upload the custom ssl certificate to be applied to Proxy endpoint / Api Gateway endpoint
$proxyCertUploadResult = Import-AzApiManagementHostnameCertificate -Name $apimServiceName -
ResourceGroupName $resourceGroupName -HostnameType "Proxy" -PfxPath $proxyCertificatePath -
PfxPassword $proxyCertificatePassword
# Upload the custom ssl certificate to be applied to Portal endpoint
$portalCertUploadResult = Import-AzApiManagementHostnameCertificate -Name $apimServiceName -
ResourceGroupName $resourceGroupName -HostnameType "Portal" -PfxPath $portalCertificatePath -
PfxPassword $portalCertificatePassword
# Create the HostnameConfiguration object for Portal endpoint
$PortalHostnameConf = New-AzApiManagementHostnameConfiguration -Hostname $proxyHostname -
CertificateThumbprint $proxyCertUploadResult.Thumbprint
# Create the HostnameConfiguration object for Proxy endpoint
$ProxyHostnameConf = New-AzApiManagementHostnameConfiguration -Hostname $portalHostname -
CertificateThumbprint $portalCertUploadResult.Thumbprint
# Apply the configuration to API Management
Set-AzApiManagementHostnames -Name $apimServiceName -ResourceGroupName $resourceGroupName `
-PortalHostnameConfiguration $PortalHostnameConf -ProxyHostnameConfiguration $ProxyHostnameConf
是否可以使用 bash 做类似的事情?
如果您想使用Azure CLI为Azure API管理配置自定义域,我们可以使用命令
az apim update --set hostnameConfigurations={setting}
。
主机名配置设置应该像
[{
"hostName": "bbb.beesphotos.net",
"type": "Portal",
"certificate": null,
"certificatePassword": "<pfx file passsword>",
"encodedCertificate": "Base64 Encoded certificate content"
}, {
"hostName": "huryapim.azure-api.net",
"type": "Proxy",
"certificate": null,
"defaultSslBinding": true,
"negotiateClientCertificate": false
}
]
您可以使用这种方法:
az apim update --resource-group $rgName --name $apiMgmtName `
--add hostnameConfigurations type=Proxy host_name=$hostName `
encodedCertificate=$certData certificatePassword=$certPassword `
negotiateClientCertificate=false
如果有人正在寻找完整的脚本,那就是这里。只需根据您的需要更改参数即可。如果您使用通配符证书,则网关和开发人员门户的 keyvault ID 将相同。
[CmdletBinding()]
param (
[String]
$ResourceGroupName,
[String]
$GatewayHostname,
[String]
$ApimServiceName,
[String]
$GatewayCertificateKeyVaultId,
[String]
$PortalHostname,
[String]
$PortalCertificateKeyVaultId
)
$config ='[{\"hostName\":\"'+$GatewayHostname+'\",\"type\":\"Proxy\",\"keyVaultId\":\"'+$GatewayCertificateKeyVaultId+'\",\"defaultSslBinding\":true,\"negotiateClientCertificate\":false},{\"hostName\":\"'+$PortalHostname+'\",\"type\":\"DeveloperPortal\",\"keyVaultId\":\"'+$PortalCertificateKeyVaultId+'\"}]'
Write-Host $config
az apim update --resource-group $ResourceGroupName --name $ApimServiceName --set hostnameConfigurations=$config