
Client Certificates in Dotnet Core on Ubuntu

All - I've written a dotnet core API set that functions perfectly on Windows. On Ubuntu 14.04, everything works except for one SOAP request to a vendor that uses a client certificate for authentication.

The request always times out. A Netstat trace shows that only 1 byte of data was sent to the remote service on 443. No communication happens for 100 seconds and then the app throws a timeout exception.

I've tried using openssl to export PEM and CRT files and referenced those in addition to the way the code is configured now (pfx w/ password). I've also loaded the certificate portions of the PFX into ca-certs.

Here's the code:

        var binding = new BasicHttpBinding();
        binding.Security.Mode = BasicHttpSecurityMode.Transport;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

        var baseAddress = new Uri(mySettings.ClientUrl);
        factory = new ChannelFactory<SingleSignOnSoap>(binding, new EndpointAddress(baseAddress));
        if (RuntimeEnvironment.OperatingSystemPlatform == Platform.Windows)
        {
            // Windows file location
            factory.Credentials.ClientCertificate.Certificate = new X509Certificate2(mySettings.PrivateKeyWindowsPath, mySettings.PfxPass);
        }
        else
        {
            // Linux file location
            factory.Credentials.ClientCertificate.Certificate = new X509Certificate2(mySettings.ClientPrivateKeyUnixPath, mySettings.PfxPass);
        }

        serviceProxy = factory.CreateChannel();
        RequestTicketRequest request = new RequestTicketRequest();
        RequestTicketRequestBody requestBody = new RequestTicketRequestBody(xmlRequest);
        request.Body = requestBody;

        RequestTicketResponse response = serviceProxy.RequestTicket(request);

        return response.Body.RequestTicketResult;

Wireshark and Tshark show the authentication is actually working OK. The timeout is happening because the ServiceFactory is waiting to receive the response, but the network has sent a connection reset flag ([RST, ACK]) to the remote server. I've been able to reproduce on multiple Linux distros so I'm adding an issue to the dotnet core WCF team's queue on GitHub.
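One way to check whether the hang is specific to the WCF channel, as an added example that is not part of the original post: the same PFX is presented through `HttpClient` instead of `ChannelFactory`. The class name, the `PFX_PASS` environment variable and the placeholder request body are assumptions; the endpoint URL and PFX path are passed as arguments.

```csharp
using System;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;

static class ClientCertProbe
{
    static async Task<int> Main(string[] args)
    {
        if (args.Length < 2)
        {
            Console.Error.WriteLine("usage: probe <https-url> <pfx-path>  (password in PFX_PASS)");
            return 2;
        }
        // Assumption: the PFX password is passed in the PFX_PASS environment variable.
        string pass = Environment.GetEnvironmentVariable("PFX_PASS") ?? "";
        using (var cert = new X509Certificate2(args[1], pass))
        {
            Console.WriteLine($"Subject: {cert.Subject}  NotAfter: {cert.NotAfter:u}");
            // Without the private key the client cannot complete certificate authentication.
            if (!cert.HasPrivateKey)
            {
                Console.Error.WriteLine("PFX loaded without a private key.");
                return 1;
            }
            var handler = new HttpClientHandler { ClientCertificateOptions = ClientCertificateOption.Manual };
            handler.ClientCertificates.Add(cert);
            using (var client = new HttpClient(handler) { Timeout = TimeSpan.FromSeconds(20) })
            {
                // Placeholder body: any HTTP status in reply means the TLS exchange finished.
                var body = new StringContent("<placeholder/>", Encoding.UTF8, "text/xml");
                try
                {
                    HttpResponseMessage resp = await client.PostAsync(args[0], body);
                    Console.WriteLine($"HTTP {(int)resp.StatusCode} {resp.ReasonPhrase}");
                    return 0;
                }
                catch (Exception ex) when (ex is HttpRequestException || ex is TaskCanceledException)
                {
                    Console.Error.WriteLine($"Request failed: {ex.GetType().Name}: {ex.Message}");
                    return 1;
                }
            }
        }
    }
}
```

If this probe gets an HTTP status back on Linux while the WCF call still times out, the certificate and TLS layer are working and the fault sits in the WCF client stack.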
