[英]Visual Studio 2012 + 403.7 Error
I've been spinning my wheels for a few days now not making any progress, and suggestions I've found thus far online haven't quite done the trick, so here goes: 我已经转动了几天,现在没有任何进展,到目前为止,我在网上发现的建议还没有完全解决问题,因此,这里是:
I have a WCF service which ties into... not sure what type of web service you'd call this on the other end, kind of REST-ish. 我有一个与WCF服务相关联的...不确定在另一端您将调用哪种类型的Web服务,即REST风格。 The URL to the method looks like this " https://partner.someservice.com/SomeMethod.asp ".
该方法的URL如下所示:“ https://partner.someservice.com/SomeMethod.asp ”。 I cram some query string args onto the end of that and POST the request to their server.
我将一些查询字符串args塞到其末尾,然后将请求发布到他们的服务器。
The error in VS just shows 403, but when I've used Fiddler I see 403.7. VS中的错误仅显示403,但是当我使用Fiddler时看到403.7。 Before importing the cert into my browsers I saw 403.7 as well.
在将证书导入浏览器之前,我还看到了403.7。 I can inspect my request object and see the ClientCertificates with [1] cert specified, so I'm pretty sure it is getting attached.
我可以检查我的请求对象,并查看指定了[1]证书的ClientCertificates,因此,我很确定它已附加。
I've imported the .pfx file into both my machine and local user cert stores. 我已将.pfx文件导入到我的计算机和本地用户证书存储中。 I've run the winhttpcertcfg utility a number of times in a number of ways, basically following the instructions I've seen on MSDN and SO posts.
我已经以多种方式多次运行winhttpcertcfg实用程序,基本上遵循了我在MSDN和SO帖子上看到的说明。
winhttpcertcfg -g -c LOCAL_MACHINE\\MY -s [cert] -a [user/aspnet/auth'd users] winhttpcertcfg -g -c LOCAL_MACHINE \\ MY -s [cert] -a [用户/ aspnet /授权用户]
winhttpcertcfg.exe -i [cert.pfx] -c LOCAL_MACHINE\\MY -p [pwd] winhttpcertcfg.exe -i [cert.pfx] -c LOCAL_MACHINE \\ MY -p [pwd]
I've imported the .pfx file into Chrome. 我已将.pfx文件导入Chrome。 If I hit that URL in Chrome, I get a prompt to select my cert, and then I can proceed to the URL just fine.
如果我在Chrome中点击该URL,则会提示您选择我的证书,然后可以继续使用该URL。 Same behavior in IE.
在IE中的行为相同。
So this seems to be specific to me running in VS, although I'm not sure what option I haven't checked or what permission I haven't granted. 因此,这似乎是针对我在VS中运行的,尽管我不确定我没有检查过哪个选项或未授予什么权限。 Under project properties on my WCF service, I have tried "Use Visual Studio Development Server" and "Use Local IIS Web server" but get the same behavior from each.
在WCF服务上的项目属性下,我尝试了“使用Visual Studio开发服务器”和“使用本地IIS Web服务器”,但是两者的行为相同。 What am I missing?
我想念什么?
Some code: 一些代码:
private static string DoPost(string postData)
{
string result = null;
var httpWebRequest = (HttpWebRequest)WebRequest.Create(GetEndpoint());
var encoding = new ASCIIEncoding();
var bytes = encoding.GetBytes(postData);
httpWebRequest.Method = "POST";
httpWebRequest.ContentType = "application/x-www-form-urlencoded";
httpWebRequest.ContentLength = bytes.Length;
httpWebRequest.ClientCertificates.Add(clientCertificate);
using (var stream = httpWebRequest.GetRequestStream())
{
stream.Write(bytes, 0, bytes.Length);
stream.Close();
using (var httpWebResponse = httpWebRequest.GetResponse())
using (var responseStream = httpWebResponse.GetResponseStream())
{
if (responseStream != null)
{
using (var reader = new StreamReader(responseStream))
{
result = reader.ReadToEnd();
}
}
}
}
return result;
}
And the code obtaining the cert (in a utility class written by another dev, and this seems to work just fine in production): 和获得证书的代码(在另一个开发人员编写的实用程序类中,这似乎在生产中可以正常工作):
public static X509Certificate2 GetCertificateBySerial(string serial)
{
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
var certColl = store.Certificates.Find(X509FindType.FindBySerialNumber, serial, false);
store.Close();
if (certColl.Count == 0)
{
throw new Exception(String.Format("A certificate with a serial number of \"{0}\" is not installed on the server.", serial));
}
return certColl[0];
}
I made a couple of changes, and was able to get this to work. 我进行了一些更改,并使其能够正常工作。 For one, I had to change from GET to POST*, and in doing so I accidentally left a portion of the endpoint/url in the post data (oops).
首先,我不得不从GET更改为POST *,这样做时我不小心将部分端点/ URL留在了post数据中(哎呀)。 Secondly, I included this in my httpWebRequest:
其次,我将其包含在我的httpWebRequest中:
httpWebRequest.ProtocolVersion = HttpVersion.Version11;
And last, the 403.7 error is actually being caused by Fiddler intercepting my traffic. 最后,403.7错误实际上是由Fiddler拦截我的流量引起的。 I don't have this cert properly configured in Fiddler, but that will come next.
我没有在Fiddler中正确配置此证书,但是接下来会出现。 Once I shut down Fiddler and actually formatted my POST data properly, things worked out.
一旦我关闭Fiddler并正确格式化了我的POST数据,事情就解决了。
*Switching from GET to POST had nothing to do with getting this resolved, just some back story. *从GET切换到POST与解决此问题无关,只是一些背景故事。
TL;DR I didn't format my request properly. TL; DR我的请求格式不正确。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.