[英]what is the JSSE equivalent for .NET (C#)?
I'm working on an application using c#-4.0 and EntireX Broker 9.5.1 I'm attempting to convert to tpcip connections to use ssl. 我正在使用c#-4.0和EntireX Broker 9.5.1开发应用程序。我正在尝试转换为tpcip连接以使用ssl。 I was successful in upgrading my java code to do the same thing thanks to Java/ Software AGs use of jsse for handling the SSL/ceritificate validation.
由于Java / Software AG使用jsse处理SSL / ceritificate验证,我成功地升级了我的java代码以执行相同的操作。 However, when connecting to the same server/port under .net I'm getting the following error:
但是,当连接到.net下的同一服务器/端口时,我收到以下错误:
02150403: Certificate expired or invalid
The error message sounds like it's communicating. 错误消息听起来像是正在通信。 So how can I get .Net to successfully validate the certificate?
那么如何让.Net成功验证证书呢?
PS: The certificate is signed by Verisign. PS:证书由Verisign签署。
UPDATE: 更新:
Both IE and Firefox successfully connect on https://server.domain:port
without throwing certificate errors. IE和Firefox都成功连接到
https://server.domain:port
而不会丢失证书错误。 My application is actually connecting to ssl://server:port?verify_server=y
我的应用程序实际连接到
ssl://server:port?verify_server=y
verify_server=n
throws the same certificate error. verify_server=n
抛出相同的证书错误。
The certificate is not expired. 证书未过期。 The stack trace from the exception stops right at
Broker.Logon();
来自异常的堆栈跟踪在
Broker.Logon();
处停止Broker.Logon();
. 。
at SoftwareAG.EntireX.NETWrapper.Runtime.Broker.Logon(String password)
在SoftwareAG.EntireX.NETWrapper.Runtime.Broker.Logon(String password)
at FAServer.EntireXDotNetClasses.EntireXWrapper.CreateBroker() in C:\\Users\\tfburton\\Documents\\Visual Studio 2010\\Projects\\NEW FADCOM\\FAServer\\EntireXDotNetClasses\\EntireXWrapper.cs:line 1302在C:\\ Users \\ tfburton \\ Documents \\ Visual Studio 2010 \\ Projects \\ NEW FADCOM \\ FAServer \\ EntireXDotNetClasses \\ EntireXWrapper.cs中的FAServer.EntireXDotNetClasses.EntireXWrapper.CreateBroker():第1302行
UPDATE: 更新:
Here's how I'm creating my Broker object. 这是我如何创建我的Broker对象。
try
{
Broker mybroker;
try { mybroker = new Broker(BrokerName, BrokerUser); }
catch (Exception e)
{
Utilities.LogEntry("Error Creating broker instance -- BEFORE LOGON. ", e, true);
throw new WrapperException("Error Creating broker instance -- BEFORE LOGON. "
+ Environment.NewLine + e.Message);
}
try //{ mybroker.Logon(BrokerPass); }
{
mybroker.Password = BrokerPass;
mybroker.Logon(); //<-- stracktrace points here
}
catch (AccessViolationException ave)
{
Utilities.LogEntry("Error During Broker Logon.", ave,
EventLogEntryType.Error);
throw new WrapperException(ave); //wrap and duck
}
}
catch ( Exception e )
{
Utilities.LogEntry("Error Creating broker instance. ", e, true);
XException be = e as XException;
if ( null != be ) //<-- resolves to true
{
String msg = "Certificate error connecting to: " + BrokerName;
throw new WrapperException(msg, e);
}
throw new WrapperException( "Error Creating broker instance. "
+ Environment.NewLine + e.Message); //<-- error caught and re-thrown here
}
Turns out I was barking up the wrong tree. 事实证明我正在咆哮错误的树。
I'm not sure if .NET has an equivalent for JSSE. 我不确定.NET是否具有JSSE的等价物。
My solution turned out to be a lot simpler, concatinate the root certs in a text file and add 我的解决方案变得更加简单,在文本文件中合并根证书并添加
trust_store=path\to\file\myrrootcerts.pem
as a parameter to the url aka 作为url aka的参数
BROKER-ID
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.