无法在.net中发布https WebRequest?
[英]unable to post a https WebRequest in .net?
问题描述
Hi i am encountering problems trying to post a WebRequest under Https. 
嗨,我在尝试在Https下发布WebRequest时遇到问题。
i received the following errors 我收到以下错误
1.-The underlying connection was closed: Unable to connect to the remote server. 1.-基础连接已关闭:无法连接到远程服务器。
2.-the operation TimeOut 2.-操作超时
3-The underlying connection was closed: Could not establish secure channel for SSL/TLS. 3-基础连接已关闭:无法为SSL / TLS建立安全通道。
i tried with about 3 or 4 different proxies of my company and the customer company and not even when i am directly with the ISP provider with no restrictions, i get the above errors when executing the following method 我尝试使用我的公司和客户公司的大约3或4个不同的代理,即使我没有限制地直接与ISP提供程序一起使用,也没有,执行以下方法时出现上述错误
WebRequest.GetRequestStream()
this occurs behind a proxy or not, the request can only be succesfully post from one single PC which is behind a proxy. 这种情况是否发生在代理之后,只能从一台位于代理后面的PC上成功发布请求。 the proxy doesn't have a client certificate installed. 代理没有安装客户端证书。
this is under .net framework 1.1 and the request already contains network credentials. 这是在.net framework 1.1下,并且该请求已经包含网络凭据。
what could be? 可能是什么?
Update 更新
the inner exception the 3rd error is the following: The function completed successfully, but must be called again to complete the context 内部异常的第三个错误如下:该函数成功完成,但必须再次调用以完成上下文
according to iisper.h documentation this error belongs to the 根据iisper.h 文档,此错误属于
//
// MessageId: SEC_I_CONTINUE_NEEDED
//
// MessageText:
//
// The function completed successfully, but must be called
// again to complete the context
//
#define SEC_I_CONTINUE_NEEDED ((HRESULT)0x00090312L)
on MSDN this refers to 在MSDN上,这是指
SEC_I_CONTINUE_NEEDED The client must send the output token to the server and wait for a return token. SEC_I_CONTINUE_NEEDED客户端必须将输出令牌发送到服务器,并等待返回令牌。 The returned token is then passed in another call to InitializeSecurityContext (Schannel). 然后,将返回的令牌传递到对InitializeSecurityContext(Schannel)的另一个调用中。 The output token can be empty. 输出令牌可以为空。
does this means the PC lacks a client certificate? 这是否意味着PC缺少客户端证书?
4 个解决方案
解决方案1
1 已采纳 2008-11-13 07:00:24
There are a whole number of things that could be complicating things, as far as inconsistencies with the SSL certs, etc. But first, you should do some basic debugging to rule out the obvious things: 有很多事情可能会使事情复杂化,甚至与SSL证书不一致等。但是首先,您应该进行一些基本的调试以排除明显的事情:
-- Did you try sending a simple web request to other servers? -您是否尝试向其他服务器发送简单的Web请求? Try both (unsecured) http and (secured) https 尝试(不安全的)http和(安全的)https
-- Did you try connecting from another computer, or from another network? -您是否尝试从另一台计算机或另一网络连接? You mentioned that the client is behind a proxy; 您提到客户端在代理后面; try a computer w/oa proxy first, to rule that out. 首先尝试使用带代理服务器的计算机,以排除该问题。
-- Are you making multiple WebRequests within the session? -您是否在会话中进行多个WebRequest? There is a hard-limit on the number of open requests, so make sure you're closing them after you get the WebResponse. 打开请求的数量有一个硬限制,因此请确保在获取WebResponse之后关闭它们。 Perhaps make a test program with just one request. 也许只需要一个请求就可以创建一个测试程序。
If that doesn't narrow it down, then it's probably something more complicated, with their the server or the proxy. 如果这不能缩小范围,则可能是服务器或代理更复杂。 You can track outgoing network packets with a program such as netshark to try to track down where things are getting stuck. 您可以使用诸如netshark之类的程序来跟踪传出的网络数据包,以尝试跟踪出现问题的位置。
解决方案2
1 2008-11-13 07:16:43
You could make a trace of the HTTP traffic using Fiddler or a network packet sniffing tool like Ethereal Whireshark on the machine where it is working, and on one of the other machines, and compare the results. 您可以使用Fiddler或诸如Ethereal Whireshark之类的网络数据包嗅探工具在其工作的计算机上以及其他计算机之一上跟踪HTTP流量,并比较结果。 This is fairly low-level, but might throw some light on the issue. 这是一个很低的层次,但可能会在此问题上有所启发。
解决方案3
1 2008-11-13 07:20:30
- If you can telnet from different machines to 443 then it is not the first two, as that means the client machine is receiving requests on that port. 如果您可以从其他计算机telnet到443,则它不是前两个,因为这意味着客户端计算机正在该端口上接收请求。
On windows that would be 在窗户上
telnet <domainname> 443
and if it connects the screen will go blank (hit return a few times to exit) 如果连接,屏幕将变黑(按回车几次退出)
The proxies may or may not actually care about your request if it is under HTTPS as they can't read it.
如果请求在HTTPS下,则代理可能会或可能不会真正在乎您的请求,因为它们无法读取请求。 Do the other machines have the client certificate and the certificate chain installed?
其他计算机是否安装了客户端证书和证书链?
解决方案4
0 2008-11-13 06:57:20
The SSL certificate name probably doesn't match. SSL证书名称可能不匹配。 This is often the case with selfsigned certificates. 自签名证书通常是这种情况。
The solution is to write your own authentication routine where you either always return true or do the necessary authentication to make sure the certificate is valid. 解决方案是编写您自己的身份验证例程,在该例程中,您总是返回true或进行必要的身份验证以确保证书有效。
// .NET 2.0+
...
ServicePointManager.ServerCertificateValidationCallback += MyValidationCallback
...
public bool MyValidationCallback(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err)
{
return true;
}
// .NET 1.1
public class MyCertificatePolicy : ICertificatePolicy
{
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
{
return true;
}
}
...
ServicePointManager.CertificatePolicy = new MyCertificatePolicy();
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.