I built a Azure web job console which is referring Windows Azure Management Libraries. I tried to authenticate my app by using public setting approach.

The program is working fine on my local, but failing on Azure Web Jobs with X509Certificates error.

This is how I did for the web job program.

1. Downloaded publish setting file from https://windows.azure.com/download/publishprofile.aspx

2. On console app, create credential by copy & paste subscriptionId and cert string from the setting file.

   new CertificateCloudCredentials(
       subscriptionId,
       new  509Certificate2(Convert.FromBase64String(base64EncodedCertificate)));
   

3. Deployed & tried "Run on Demand" on Azure Web Job.

4. The error

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
   at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] data)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData)
   

Exception while executing:

System.Security.Cryptography.CryptographicException, The system cannot find the file specified.

I would suggest starting with this blog post: http://blog.tylerdoerksen.ca/2015/11/29/pfx-certificate-files-and-azure-web-apps/. Though this blog post is about Azure Websites and not Azure Webjobs per se however I'm inclined to believe that your problem is because of this. In fact, I ran into exact same problem with Azure Websites.

However in order to use the solution outlined in the blog post, you can't use the certstring from the publish setting file as is. Here's what you would need to do:

1. Through another console application, first create an X509 certificate and install it in the certificate store of your local computer.
2. Export the certificate in PFX format and provide a password.
3. Include this PFX certificate as a part of your solution. In case of Azure Websites, we had to include this file in App_Data folder, not sure where you will include it in case of Webjob. You can try so that it is present in the bin folder.

4. Read this file and try to create an instance of X509 Certificate using the syntax specified in the blog post (and copied here):

   var cert = new X509Certificate2(pfxFile, "myPassword", X509KeyStorageFlags.MachineKeySet);