当我尝试在本地运行此应用程序时(启用 SSL 时),
我总是得到这个提示安全连接的页面:
https://localhost:44300/
Secure Connection Failed
An error occurred during a connection to localhost:44300. PR_CONNECT_RESET_ERROR
- The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
- Please contact the website owners to inform them of this problem.
到目前为止我已经尝试过:
localhost
带有此 Power Shell 命令的证书:New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\LocalMachine\My"
mmc.exe
并导出 certificate
由上述 Power Shell 脚本从 [Console Root\Certificates (Local Computer)\Personal\Certificates]
至[Console Root\Certificates (Local Computer)\Trusted Root Certification Authorities\Certificates
.到目前为止,这还没有奏效。如果我运行应用程序取消选中启用 SSL,它工作正常。
请就启用 SSL 的环境的可能解决方案提供建议。
最佳答案
重新生成 IIS Express localhost
证书对我有用:
Windows PowerShell ISE
使用管理员权限。Start-Transcript -Path "$($MyInvocation.MyCommand.Path).log"
try {
Write-Host "Creating cert resources"
$ekuOidCollection = [System.Security.Cryptography.OidCollection]::new();
$ekuOidCollection.Add([System.Security.Cryptography.Oid]::new("1.3.6.1.5.5.7.3.1","Server Authentication")) | Out-Null
$sanBuilder = [System.Security.Cryptography.X509Certificates.SubjectAlternativeNameBuilder]::new();
$sanBuilder.AddDnsName("localhost") | Out-Null
Write-Host "Creating cert extensions"
$certificateExtensions = @(
# Subject Alternative Name
$sanBuilder.Build($true),
# ASP.NET Core OID
[System.Security.Cryptography.X509Certificates.X509Extension]::new(
"1.3.6.1.4.1.311.84.1.1",
[System.Text.Encoding]::ASCII.GetBytes("IIS Express Development Certificate"),
$false),
# KeyUsage
[System.Security.Cryptography.X509Certificates.X509KeyUsageExtension]::new(
[System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::KeyEncipherment,
$true),
# Enhanced key usage
[System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]::new(
$ekuOidCollection,
$true),
# Basic constraints
[System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension]::new($false,$false,0,$true)
)
Write-Host "Creating cert parameters"
$parameters = @{
Subject = "localhost";
KeyAlgorithm = "RSA";
KeyLength = 2048;
CertStoreLocation = "Cert:\LocalMachine\My";
KeyExportPolicy = "Exportable";
NotBefore = Get-Date;
NotAfter = (Get-Date).AddYears(1);
HashAlgorithm = "SHA256";
Extension = $certificateExtensions;
SuppressOid = @("2.5.29.14");
FriendlyName = "IIS Express Development Certificate"
}
Write-Host "Creating cert"
$cert = New-SelfSignedCertificate @parameters
$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine
$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()
Write-Host "Creating port bindings"
# Add an Http.Sys binding for port 44300-44399
$command = 'netsh'
for ($i=44300; $i -le 44399; $i++) {
$optionsDelete = @('http', 'delete', 'sslcert', "ipport=0.0.0.0:$i")
$optionsAdd = @('http', 'add', 'sslcert', "ipport=0.0.0.0:$i", "certhash=$($cert.Thumbprint)", 'appid={214124cd-d05b-4309-9af9-9caa44b2b74a}')
Write-Host "Running $command $optionsDelete"
& $command $optionsDelete
Write-Host "Running $command $optionsAdd"
& $command $optionsAdd
}
}
catch {
Write-Error $_.Exception.Message
}
finally {
Stop-Transcript
}
它现在应该可以正常工作了。(脚本来自这个 Github 问题页面的@Shirhatti:https://github.com/dotnet/aspnetcore/issues/26437)
关于c# - 在 IISExpress 上运行的 ASP.NET Core 应用程序中的 HTTPS 错误 - PR_CONNECT_RESET_ERROR,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64880715/