[英]Using local certificates by IIS
我已经开发了Web API服务,该服务可以要求另一个需要个人证书的Web API。
当我在本地PC上开发此服务时,我像这样使用了HttpClient:
_handler = new HttpClientHandler()
{ ClientCertificateOptions = ClientCertificateOption.Automatic };
_client = new HttpClient(_handler);
我的个人证书是从我的PC上获得的。
然后,我想将项目发布到Windows Server 2012 R2上的IIS 8。
首先,我已经在服务器上安装了所有证书,并在IIS中设置了应用程序池,IIS由服务用户启动,但是我的API应用程序使用了我帐户的池(证书已绑定到该池)。 但是,当我尝试发出请求时,出现如下异常:
<InnerException>
<Message>An error has occurred.</Message>
<ExceptionMessage>An error occurred while sending the request.</ExceptionMessage>
<ExceptionType>System.Net.Http.HttpRequestException</ExceptionType>
<StackTrace/>
<InnerException>
<Message>An error has occurred.</Message>
<ExceptionMessage>
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
</ExceptionMessage>
<ExceptionType>System.Net.WebException</ExceptionType>
<StackTrace>
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context) at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
</StackTrace>
<InnerException>
<Message>An error has occurred.</Message>
<ExceptionMessage>
The remote certificate is invalid according to the validation procedure.
</ExceptionMessage>
<ExceptionType>
System.Security.Authentication.AuthenticationException
</ExceptionType>
<StackTrace>
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
</StackTrace>
</InnerException>
</InnerException>
</InnerException>
我认为我的问题是IIS无法使用我已经在Windows Server上安装的证书。
我该如何解决?
在调用HttpClient之前使用它。 请记住,此代码仅适用于开发机器。 请勿在生产中使用
ServicePointManager.ServerCertificateValidationCallback =
delegate (
object s,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors
) {
return true;
};
对于使用HttpModule的非本地网络请求,在IIS中要求客户端证书
[英]Require client certificates in IIS for non-local network requests using HttpModule
在 IIS 上托管的 C# 中使用 USB 令牌打开 X509 证书选择
[英]Open X509 Certificates Selection Using USB Token in C# Hosted on IIS
关于使用自签名证书在IIS 7.0上启用SSL的问题
[英]Issue regarding Enabling SSL on IIS 7.0 Using Self-Signed Certificates
有没有一种方法可以使用FtpWebRequest通过C#中的客户端证书对FTP进行身份验证,该证书也可以在iis上使用?
[英]Is there a way to use FtpWebRequest to authenticate to FTP using client certificates in C# which can work from iis also?
如何使用 C#、WMI 和/或 System.Management 从 IIS 6.0 获取站点列表和 SSL 证书?
[英]How to get a list of sites and SSL certificates from IIS 6.0 using C#, WMI, and/or System.Management?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.