###BeginCaseStudy###
Testlet 1
Background
You are developing a video transcoding service. This service is used by customers to upload video files,
convert video to other formats, and view the converted files. This service is used by customers all over the
world.
Business Requirements
The user-facing portion of the application is an ASP.NET MVC application. It provides an interface for
administrators to upload video and schedule transcoding. It also enables administrators and users to download
the transcoded videos.
When videos are uploaded, they are populated with metadata used to identify the video. The video metadata is
gathered by only one system when the video upload is complete.
Customers require support for Microsoft Internet Explorer 7 and later.
The application contains a header that is visible on every page.
If the logged-on user is an administrator, then the header will contain links to administrative functions. This
information is read from a cookie that is set on the server. The administrative links must not be present if an
error condition is present.
Technical Requirements
User Experience:
The front-end web application enables a user to view a list of videos.
The main view of the application is the web page that displays the list of videos.
HTML elements other than the list of videos are changed with every request requiring the page to reload.
Compatibility:
Some customers use browsers that do not support the HTTP DELETE verb.
These browsers send a POST request with an HTTP header of X-Delete when the intended action is to
delete.
Transcoding:
The video transcoding occurs on a set of Windows Azure worker roles.
The transcoding is performed by a third-party command line tool named transcode.exe. When the tool is
installed, an Environment variable named transcode contains the path to the utility.
A variable named license contains the license key. The license for the transcoding utility requires that it be
unregistered when it is not in use.
The transcoding utility requires a significant amount of resources. A maximum of 10 instances of the utility
can be running at any one time. If an instance of the role cannot process an additional video, it must not
prevent any other roles from processing that video.
The utility logs errors to a Logs directory under the utilities path.
A local Azure directory resource named perf is used to capture performance data.
Development:
Developers must use Microsoft Remote Desktop Protocol (RDP) to view errors generated by the
transcode.exe utility.
An x509 certificate has been created and distributed to the developers for this purpose.
Developers must be able to use only RDP and not any other administrative functions.
Application Structure
###EndCaseStudy###
You need to ensure that developers can connect to a Windows Azure role by using RDP.
What should you do?
A.
Export a certificate without a private key. Upload the .cer file to the Management Certificates section on the
Azure Management Portal.
B.
Export a certificate with a private key. Upload the .pfxfile to the Management Certificates section on the
Azure Management Portal.
C.
Export a certificate without a private key. Upload the .cer file to the Certificates section under the
TranscodeWorkerRole hosted service on the Azure Management Portal.
D.
Export a certificate with a private key. Upload the .pfx file to the Certificates section under the
TranscodeWorkerRole hosted service on the Azure Management Portal.
Explanation:
In case you don’t want to use the RDP certificate created by WindowsAzure Tools and want to use a custom
certificate instead, the following steps will guide you. These steps can also be used in case package is not
being published from Visual Studio rather it is being built locally, saved in either Local Machine’s Drive or
Windows Azure Blob Storage and subsequently published from there.
Here are the steps which are required to get pass the publishing error which you might be running into. You
would need to upload the Certificate with Private Key to the portal (when VisualStudio is used this is done in the
background).
Detailed steps.
In Visual Studio, go to the solution which is being developed.
Right click the Web Project -> Configure Remote Desktop -> click on View to see Certificate details (Since I
don’t have a custom certificate I will use one create by Windows Azure Tools itself)
Go to Details tab on Certificate -> Click Copy to file.. -> Next -> Select ‘Yes, export the private key’ -> Next –
> Continue with default setting and create a password when asked (please refer below screenshots)
These steps will generate a .PFX file for this certificate. Now we need to upload this certificate to the portal
(for the respective cloud service)
Go to the Azure Management Portal -> Go to the Cloud Service in question ->Certificates Tab -> Upload the
newly created certificate (.PFX file)
Note:
* The certificates that you need for a remote desktop connection are different from the certificates that you use
for other Azure operations. The remote access certificate must have a private key.
* Microsoft Azure uses certificates in three ways:
/ Management certificates – Stored at the subscription level, these certificates are used to enable the use of the
SDK tools, the Windows Azure Tools for Microsoft Visual Studio, or the Service Management REST API
Reference. These certificates are independent of any cloud service or deployment.
/ Service certificates – Stored at the cloud service level, these certificates are used by your deployed services.
/ SSH Keys – Stored on the Linux virtual machine, SSH keys are used to authenticate remote connections to
the virtual machine.
How to use Custom Certificate for RDP to Windows Azure Roles
http://blogs.msdn.com/b/cie/archive/2014/02/22/how-to-use-custom-certificate-for-rdp-to-windows-azureroles.aspx