如何轮换 Azure SignalR 服务的访问密钥How to rotate access key for Azure SignalR Service

每个 Azure SignalR 服务实例都有一对访问密钥,称为主密钥和辅助密钥。Each Azure SignalR Service instance has a pair of access keys called Primary and Secondary keys. 向服务发出请求时,这些密钥用于对 SignalR 客户端进行身份验证。They're used to authenticate SignalR clients when requests are made to the service. 密钥与实例终结点 URL 相关联。The keys are associated with the instance endpoint url. 请保护好密钥并定期轮换。Keep your keys secure, and rotate them regularly. 你有两个访问密钥,因此,在重新生成其中的一个密钥时,可以使用另一个密钥来保持连接。You're provided with two access keys, so you can maintain connections by using one key while regenerating the other.

为何要轮换访问密钥?Why rotate access keys?

出于安全原因和合规性要求,请定期轮换访问密钥。For security reasons and compliance requirements, routinely rotate your access keys.

重新生成访问密钥Regenerate access keys

  1. 转到 Azure 门户并使用自己的凭据登录。Go to the Azure portal, and sign in with your credentials.

  2. 在要重新生成其密钥的 Azure SignalR 服务实例中找到“密钥”部分。 Find the Keys section in the Azure SignalR Service instance with the keys that you want to regenerate.

  3. 在导航菜单中选择“密钥” 。Select Keys on the navigation menu.

  4. 选择“重新生成主密钥”或“重新生成辅助密钥”。 Select Regenerate Primary Key or Regenerate Secondary Key.

    此时将创建并显示新的密钥和相应的连接字符串。A new key and corresponding connection string are created and displayed.

    重新生成密钥

还可以使用 Azure CLI 重新生成密钥。You also can regenerate keys by using the Azure CLI.

使用新的连接字符串更新配置Update configurations with new connection strings

  1. 复制新生成的连接字符串。Copy the newly generated connection string.

  2. 将所有配置更新为使用新连接字符串。Update all configurations to use the new connection string.

  3. 根据需要重启应用程序。Restart the application as needed.

强制重新生成访问密钥Forced access key regeneration

在某些情况下,Azure SignalR 服务可能会强制要求重新生成访问密钥。Azure SignalR Service might enforce a mandatory access key regeneration under certain situations. 该服务会通过电子邮件和门户通知告知客户。The service notifies customers via email and portal notification. 如果你收到此信件或者遇到访问密钥导致的服务故障,请遵照本指南中的说明轮换密钥。If you receive this communication or encounter service failure due to an access key, rotate the keys by following the instructions in this guide.

后续步骤Next steps

请定期轮换访问密钥,这是一种良好的安全做法。Rotate your access keys regularly as a good security practice.

本指南介绍了如何重新生成访问密钥。In this guide, you learned how to regenerate access keys. 请继续学习后续教程,了解如何使用 OAuth 或 Azure Functions 进行身份验证。Continue to the next tutorials about authentication with OAuth or with Azure Functions.