.Net Core Connected Service with SSL Certificate

I am trying to make a request to a web service endpoint that utilizes an SSL certificate for communication. I have spent hours googling for an example but have come up with very little so far.

I did manage to get the connected service to scaffold by directly navigating to the wsdl and xsd file, saving them manually and pointing the WCF Web Service Reference Provider to the containing directory based on this solution. I also tried installing the certificate with the winhttpcertcfg.exe but could not get the tool to successfully open the channel to generate the client directly from the WSDL.

Now that I have the client generated, I am unable to figure out how to add the certificate correctly. This is the code that I have currently

    // Get the certificate
    var testCert = new X509Certificate2(System.IO.File.ReadAllBytes("C://SecureCert.PFX"), "##########");

    // Create instance of SOAP client
    HostedCollectionPaymentService.OnlineService_v2_2Client soapClient = new OnlineService_v2_2Client(new BasicHttpsBinding(BasicHttpsSecurityMode.Transport), new EndpointAddress("https://secure.service.endpoint.com/2.2/"));

    // Add the certificate to the client
    soapClient.ClientCredentials.ClientCertificate.Certificate = testCert;

    using (new OperationContextScope(soapClient.InnerChannel))
    {
        try
        {
            var result = await soapClient.startOnlineCollectionAsync(new StartOnlineCollectionRequest
            {
                app_id = "12344",
                tracking_id = "fdsa43531",
                transaction_amount = 5.00m,
                transaction_type = TransactionType.Sale
            });

            Console.WriteLine(result.startOnlineCollectionResponse.token);
        }
        catch (Exception ex)
        {
            var f = ex;
            throw;
        }
    }

When I try to connect, I receive the response Message = "Could not establish trust relationship for the SSL/TLS secure channel with authority 'secure.service.endpoint.com'".

I have verified that the certificate is valid and I am able to connect to the service using the SoapUI toolset.

I am assuming that I am either missing a configuration or attaching the SSL certificate incorrectly. If someone could provide a suggestion or point me to the appropriate documentation I would be highly appreciative.

Figured it out. I need this extra configuration line.

    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

Here is a sample for those asking where it was included. In my case it was for a payment gateway service.

    // Requires: using System.ServiceModel; using System.Security.Cryptography.X509Certificates;

    // Get the cert
    var myCertificate = await GetMyCertificate(); // X509Certificate2

    // Create a new binding to specify certificate security
    var binding = new BasicHttpsBinding()
    {
        Name = "basic_ssl_cert"
    };

    // Specify the credential type: the client authenticates with a certificate at the transport (TLS) layer
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

    // Create instance of SOAP client
    QaPaymentService.PaymentOnlineService_v2_Client soapClient = new QaPaymentService.PaymentOnlineService_v2_Client(binding, new EndpointAddress(onlinePaymentServiceEndpoint));

    // Add the certificate to the client
    soapClient.ClientCredentials.ClientCertificate.Certificate = myCertificate;

    using (new OperationContextScope(soapClient.InnerChannel))
    {
        try
        {
            var result = soapClient.completeOnlineCollectionAsync(new QaPaymentService.CompleteOnlineCollectionRequest
            {
                app_id = appId,
                token = token
            }).GetAwaiter().GetResult();

            return result.completeOnlineCollectionResponse.tracking_id;
        }
        catch (FaultException<QaPaymentService.PaymentServiceFault> ex)
        {
            // Extract the actual error from the service fault
            throw new myServiceException(ex.Detail.return_detail, ex)
            {
                ErrorDetail = ex.Detail.return_detail,
                ErrorCode = ex.Detail.return_code
            };
        }
        catch (Exception ex)
        {
            // Pass the exception as the first argument so it is logged with its stack trace
            // (assumes a Microsoft.Extensions.Logging ILogger)
            logger.LogError(ex, $"Error completing transaction from QA my service: {ex.Message}");
            // Rethrow with "throw;" to preserve the original stack trace
            throw;
        }
    }
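
The answer does not show `GetMyCertificate()`. The following is an added example, not code from the original answer: one way such a helper could load the client certificate from the current user's certificate store by thumbprint, instead of from a PFX file with an inline password, and check that it is usable for TLS client authentication before it is attached to the WCF client. The class name, method names and the choice of the `CurrentUser\My` store are assumptions.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

// Added example: hypothetical helper, not part of the original answer.
public static class ClientCertificateLoader
{
    private const string ClientAuthOid = "1.3.6.1.5.5.7.3.2"; // id-kp-clientAuth

    // Loads the client certificate from CurrentUser\My by thumbprint and
    // rejects certificates that cannot be used for TLS client authentication.
    public static X509Certificate2 LoadFromStore(string thumbprint)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);

        // validOnly: false so the explicit checks below can report the reason.
        var cert = store.Certificates
            .Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)
            .OfType<X509Certificate2>()
            .FirstOrDefault()
            ?? throw new InvalidOperationException("Client certificate not found in CurrentUser\\My.");

        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no private key; it cannot authenticate the client.");

        var now = DateTime.Now; // NotBefore/NotAfter are expressed in local time
        if (now < cert.NotBefore || now > cert.NotAfter)
            throw new InvalidOperationException("Certificate is outside its validity period.");

        // If an EKU extension is present, it must allow client authentication.
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        if (eku != null && !eku.EnhancedKeyUsages.OfType<Oid>().Any(o => o.Value == ClientAuthOid))
            throw new InvalidOperationException("Certificate EKU does not include client authentication.");

        return cert;
    }

    // Builds the binding from the answer: transport security with a certificate credential.
    public static BasicHttpsBinding CreateBinding()
    {
        var binding = new BasicHttpsBinding(BasicHttpsSecurityMode.Transport);
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
        return binding;
    }
}
```

The returned certificate is assigned to `soapClient.ClientCredentials.ClientCertificate.Certificate` exactly as in the answer's sample.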
