How to use certificate authentication for custom sockets TCP protocol?

I know that WCF has certificate authentication. How can I do the same thing for my custom sockets protocol? What classes should I use to verify certificates? What data should I transfer between parties? What are the required steps?

Assuming you want to use SSL:

On the server side, you can wrap a NetworkStream in an SslStream and authenticate using an X509Certificate:

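SslStream stream = new SslStream(networkStream, false); // false: closing the SslStream also closes networkStream
// Args: certificate, clientCertificateRequired, protocols (Default is obsolete: SSL 3.0/TLS 1.0), checkCertificateRevocation
stream.AuthenticateAsServer(certificate, false, SslProtocols.Tls12, false);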

The false in that second call controls whether the server requires the client to have a certificate as well.

This link contains code to generate a self-signed certificate, handy during development.

On the client side, you have to provide a validation callback:

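// ValidateRemoteCertificate (defined below) decides whether the server's certificate is accepted
SslStream stream = new SslStream(networkStream, false, ValidateRemoteCertificate);
stream.AuthenticateAsClient(RemoteHost); // RemoteHost must match the name in the server certificate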

You can supply client certificates in the AuthenticateAsClient overloads, if desired.

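private bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    // Chain and host name validated against the local trust store
    if (sslPolicyErrors == SslPolicyErrors.None)
    {
        return true;
    }

    // Here you decide whether self-signed certificates are OK.
    // allowAnyCertificateAnyway is an application-defined bool; when true, any certificate
    // is accepted and the server is no longer authenticated, so keep it to development builds.
    if (allowAnyCertificateAnyway)
    {
        return true;
    }

    return false;
}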

I hope this helps, it uses NetworkStream which in the end is simply a wrapper around Socket. This is all built into the framework, and you can read/write from/to the SslStream as if it was a regular NetworkStream.
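
As an added example (not part of the original answer): one way to replace the accept-anything branch of the callback with a pinned allow list, and to require a client certificate on the server too, which goes beyond the one-way case the answer shows. The class name, method names and the pin placeholder are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper: all names and the pin value are placeholders.
static class PinnedTls
{
    // SHA-256 (hex) of the DER-encoded certificates issued to trusted peers.
    static readonly HashSet<string> AllowedPins =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "<SHA256-HEX-OF-PEER-CERT>" };

    public static bool ValidatePeer(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
    {
        // A missing certificate or a host-name mismatch is never waived.
        const SslPolicyErrors fatal = SslPolicyErrors.RemoteCertificateNotAvailable
                                    | SslPolicyErrors.RemoteCertificateNameMismatch;
        if (certificate == null || (errors & fatal) != 0)
            return false;

        // Chain errors (self-signed, private CA) are tolerated only because the
        // pin comparison below takes the place of CA trust.
        using (var sha256 = SHA256.Create())
        {
            byte[] hash = sha256.ComputeHash(certificate.GetRawCertData());
            return AllowedPins.Contains(BitConverter.ToString(hash).Replace("-", ""));
        }
    }

    // Server: clientCertificateRequired is true, so a client without a certificate fails ValidatePeer.
    public static SslStream AcceptMutual(NetworkStream networkStream, X509Certificate serverCertificate)
    {
        var stream = new SslStream(networkStream, false, ValidatePeer);
        // Revocation checking is off: pinned self-signed certificates publish no CRL.
        stream.AuthenticateAsServer(serverCertificate, true, SslProtocols.Tls12, false);
        return stream;
    }

    // Client: presents its own certificate and pins the server's.
    public static SslStream ConnectMutual(NetworkStream networkStream, string host, X509Certificate clientCertificate)
    {
        var stream = new SslStream(networkStream, false, ValidatePeer);
        var certs = new X509CertificateCollection(new[] { clientCertificate });
        stream.AuthenticateAsClient(host, certs, SslProtocols.Tls12, false);
        return stream;
    }
}
```

Both methods throw AuthenticationException when ValidatePeer returns false, so the caller should close the socket in that case.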
