[英]Request.HttpContext.Connection.ClientCertificate is always null
I have an ASP.Net core website deployed on Azure app service for Linux.我在适用于 Linux 的 Azure 应用服务上部署了一个 ASP.Net 核心网站。
In the controller, I am trying to get the client certificate like below:在控制器中,我正在尝试获取客户端证书,如下所示:
var callerCertificate = Request.HttpContext.Connection.ClientCertificate;
I always get callerCertificate
as null .我总是将callerCertificate
设为null 。 I have tried await Request.HttpContext.Connection.GetClientCertificateAsync()
with same result null .我试过await Request.HttpContext.Connection.GetClientCertificateAsync()
与相同的结果null 。
My website webhost creation looks like below:我的网站虚拟主机创建如下所示:
WebHost.CreateDefaultBuilder(args)
.UseKestrel()
.UseStartup<Startup>()
.UseSerilog();
I have also set SSL setting for the website (in Azure) as below:我还为网站(在 Azure 中)设置了 SSL 设置,如下所示:
The client side caller is a net462 project that uses Microsoft.Rest.CertificateCredentials
to set the certificate to HTTP request.客户端调用方是一个 net462 项目,它使用Microsoft.Rest.CertificateCredentials
将证书设置为 HTTP 请求。
var cred = new CertificateCredentials(_deviceCertificate)
...
await this.cred.ProcessHttpRequestAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
You could try to add the certificate using HttpClient
directly instead of using Microsoft.Rest.CertificateCredential
.您可以尝试直接使用HttpClient
添加证书,而不是使用Microsoft.Rest.CertificateCredential
。
var clientHandler = new HttpClientHandler();
clientHandler.ClientCertificateOptions = ClientCertificateOption.Manual;
clientHandler.ClientCertificates.Add(_deviceCertificate);
var client = new HttpClient(clientHandler);
var result = client.GetAsync("https://yourservice").GetAwaiter().GetResult();
You may also need to configure the SSL protocol (SSL2, SSL3, TLS, etc.):您可能还需要配置 SSL 协议(SSL2、SSL3、TLS 等):
clientHandler.SslProtocols = SslProtocols.Tls;
Answering my own question: I am able to get the client certificate from header回答我自己的问题:我能够从标题中获取客户端证书
string clientCertFromHeader = Request.Headers["X-ARR-ClientCert"]; string clientCertFromHeader = Request.Headers["X-ARR-ClientCert"];
Though, it is still a mystery as to why Request.HttpContext.Connection.ClientCertificate is not giving the certificate.尽管如此,为什么 Request.HttpContext.Connection.ClientCertificate 没有提供证书仍然是一个谜。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.