[英]“Could not create SSL/TLS secure channel” error when authenticating to a web service using X.509
我见过多个线程具有相同的错误,并尝试了各种可能的解决方案,但到目前为止还没有运气。 我正在使用客户端的REST端点,该端点需要客户端证书进行身份验证。 我拥有证书,并通过双击.pfx并完成向导为当前用户和本地计算机安装了该证书。 我还使用winhttpcertcfg运行了以下winhttpcertcfg以便应用程序池标识帐户( Network Service )可以使用证书:
winhttpcertcfg -i "<path to .pfx> -c LOCAL_MACHINE\My -a "Network Service" -p "<password for .pfx>
我已将证书管理单元添加到MMC并添加了我的证书,因此当我在Chrome中点击API端点URL时,将显示证书并单击它,然后看到返回的XML。
不幸的是,我正在使用的代码在尝试获取响应时遇到错误。 我的代码(在MVC动作中):
var url = "https://obfuscated.api.endpoint.host/api/Profile";
var certPath = @"C:\Users\paldrich\AdvisorDirectoryClient.pfx";
var xmlResult = string.Empty;
try
{
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11
| SecurityProtocolType.Tls12;
HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
request.ContentType = "application/xml;charset=UTF8";
X509Certificate cert = new X509Certificate(certPath, "obfuscated-password");
request.ClientCertificates.Add(cert);
request.PreAuthenticate = true;
var response = request.GetResponse();
var responseStream = response.GetResponseStream();
xmlResult = new StreamReader(responseStream).ReadToEnd();
}
catch (Exception ex)
{
Log.Error("Bio App web service call failed.", ex, "AdvisorController");
xmlResult = ex.Message;
}
return Json(xmlResult, JsonRequestBehavior.AllowGet);
当它尝试获取响应( response.GetResponse() )时,我看到以下错误: The request was aborted: Could not create SSL/TLS secure channel.
我尝试过的事情:
C:\\Users\\paldrich Network Service完全访问权限授予C:\\Users\\paldrich下的我的证书。 ServicePointManager.SecurityProtocol只是SecurityProtocolType.Tls12 ,也就是SecurityProtocolType.Ssl3 。 Use Tls 1.0 ,“ Use Tls 1.1和“ Use Tls 1.2 。 提交此文件后,我意识到我的问题所在。 我需要使用X509Certificate2而不是X509Certificate (我只是尝试2来解决这个问题),尽管我不明白为什么,但实际上X509Certificate2是更新的。 无论如何,XML即将问世。 它显示为Unicode转换的字符串,但总体目标已经实现。
因此,代替:
X509Certificate cert = new X509Certificate(certPath, "obfuscated-password");
我不得不使用:
X509Certificate2 cert = new X509Certificate2(certPath, "obfuscated-password");
该请求已中止:使用X509Certificate2时无法创建SSL / TLS安全通道
[英]The request was aborted: Could not create SSL/TLS secure channel when using X509Certificate2
请求被中止:连接到旧 Web 服务时无法创建 SSL/TLS 安全通道
[英]The request was aborted: Could not create SSL/TLS secure channel when connecting to an old web service
具有X509Certificate2的C#HttpClient-WebException:请求已中止:无法创建SSL / TLS安全通道
[英]C# HttpClient with X509Certificate2 - WebException: The request was aborted: Could not create SSL/TLS secure channel
不在管理员模式下时,无法在TLS 1.2连接期间创建SSL / TLS安全通道错误
[英]Could not create SSL/TLS secure channel error during TLS 1.2 connection when not in admin mode
Azure Web应用程序中的“无法创建SSL / TLS安全通道”
[英]“Could not create SSL/TLS secure channel” in an Azure Web Application
调用第三方Web服务和证书时无法使用授权建立SSL / TLS的安全通道
[英]Could not establish secure channel for SSL/TLS with authority when calling third party web service along with certificate
尝试从Visual Studio添加Https服务时出现“无法创建SSL / TLS安全通道”错误
[英]“Could not create SSL/TLS secure channel” Error while trying to add Https Service from Visual Studio
在Windows 10上添加服务引用时出现“无法创建SSL / TLS安全通道”
[英]“Could not create SSL/TLS secure channel” when adding service reference on WIndows 10
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.