[英]Consuming webservice that requires Client Certificate and Root Certificate using C# Restsharp Library
我正在尝试使用要求开发人员将签名证书作为参数的一部分传递的 Web 服务。 该服务在测试环境中运行良好,但是对于生产环境,除了签名证书之外,您还需要根证书才能成功访问该服务。 这已经在 Postman 中进行了测试,并产生了成功的结果。
当使用 RestSharp 库在 C# 代码中实现这一点时,我得到如下所示的响应。
查询客户端响应日志:{"statusCode":0,"statusDescription":null,"content":"","headers":[],"responseUri":null,"errorMessage":"请求被中止:不能创建 SSL/TLS 安全通道。"}
我的问题是,我如何使用 Restsharp 库在 C# 中实现这一点。 下面是我实现这一目标的代码。 但是我不断收到错误“请求被中止:无法创建 SSL/TLS 安全通道。 ”
log.Info("-------------------Initiating Query Request---------------------------");
QueryClient ad = new QueryClient();
ad.institutionId = ConfigurationManager.AppSettings["OriginInst"];
ad.proxyId = pr.proxyId;
ad.requestSource = "XX";
ad.requestTimestamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
string concat = ad.institutionId + ad.proxyId + ad.requestSource + ad.requestTimestamp;
HelperLibrary hl = new HelperLibrary();
string key = ConfigurationManager.AppSettings["pkey2"];
string signature = hl.GetSignature(concat, key);
ad.requestSignature = signature;
ServicePointManager.Expect100Continue = true;
ServicePointManager.DefaultConnectionLimit = 9999;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
| SecurityProtocolType.Tls11
| SecurityProtocolType.Tls12
| SecurityProtocolType.Ssl3;
var client = new RestSharp.RestClient("https://service.url");
//load certificates
var myCert = new X509Certificate2(ConfigurationManager.AppSettings["certificatePath"],
ConfigurationManager.AppSettings["certificatePassword"],
X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);
var rootCert = new X509Certificate2(ConfigurationManager.AppSettings["certificateRootPath"]);
X509Chain chain = new X509Chain();
chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
chain.ChainPolicy.ExtraStore.Add(rootCert);
X509CertificateCollection clientCerts = new X509CertificateCollection();
clientCerts.Add(myCert);
clientCerts.Add(rootCert);
client.ClientCertificates = clientCerts;
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback((sender, certificate, chain, policyErrors) => { return true; });
var request = new RestSharp.RestRequest(RestSharp.Method.POST);
log.Info("Query Client Using Certificate Path: " + ConfigurationManager.AppSettings["certificatePath"]);
request.AddHeader("accept", "application/json");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", jsonString, RestSharp.ParameterType.RequestBody);
var serializer = new System.Web.Script.Serialization.JavaScriptSerializer();
var requestToLog = new
{
resource = request.Resource,
parameters = serializer.Serialize(request.Parameters),
method = request.Method.ToString(),
// This will generate the actual Uri used in the request
uri = client.BuildUri(request),
};
log.Info("Query Client Request: " + requestToLog);
RestSharp.IRestResponse response = client.Execute(request);
var responseToLog = new
{
statusCode = response.StatusCode,
statusDescription = response.StatusDescription,
content = response.Content,
headers = response.Headers,
responseUri = response.ResponseUri,
errorMessage = response.ErrorMessage,
};
log.Info("Query Client Response Log: " + JsonConvert.SerializeObject(responseToLog));
您的建议将不胜感激。
该错误与代码无关。 出现此问题是因为我正在从浏览器访问该服务。 然而,浏览器并没有这个证书颁发机构的任何记录。 必须将根证书添加到浏览器的证书管理器中。 以下是在 Firefox 浏览器中添加证书颁发机构的步骤。
工具->设置->隐私和安全->查看证书->权限->导入
关于如何在 Firefox 浏览器中添加证书授权的第一个屏幕截图
关于如何在 Firefox 浏览器中添加证书颁发机构的第二个屏幕截图
添加证书后,我可以顺利访问该服务。
C# 使用 CertEnroll 从根证书生成客户端证书
[英]C# Generate client Certificate from Root Certificate using CertEnroll
C#无法访问服务器中需要客户端证书的Web服务
[英]C# cannot access webservice that requires a client certificate from within the server
如何在Https请求中添加RestSharp添加客户端证书? (C#)
[英]How to RestSharp add client certificate in Https request? (C#)
通过C#访问需要通过证书的WebService(HTTPS)
[英]Acessing a WebService (HTTPS) that requires a certificate via WCF in C#
在 C# 中使用 HttpSelfHostServer 验证客户端证书
[英]Authenticate client certificate using HttpSelfHostServer in C#
C# RestSharp 客户端证书获取异常“无法建立 SSL 连接”
[英]C# RestSharp Client Certificate getting exception "The SSL connection could not be established"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.