c# - .NET C# "The remote certificate is invalid according to the validation procedure"

标签 c# ssl

我在制作 REST 时遇到问题调用HttpClient目的。

  • 我有一个在 .NET Core 中开发的应用程序,它在 Windows 和 Linux 机器上运行。
  • 此应用程序调用 https://dev.example.com/ .
  • SSL 证书是有效的,并且它具有所有必需的中间证书和链式证书。
  • 此证书是为所有具有域 *.example.com 的 URL 颁发的。 .这意味着相同的证书应该适用于 dev.example.com , test.example.com , stage.example.com , 也适用于 prod.example.com .
  • 当我们在 Windows 10 机器上执行 .NET 核心应用程序时,它运行良好。但是,当我们在 Windows 7 机器上执行它时,我们会遇到问题。

    • 我还尝试在使用 HttpClientHandler 发送请求时使用证书文件 (.cer)类(class)。在 Windows 7 机器上,我也尝试下载证书并将其添加到受信任的证书中。
    但是,我仍然面临这个问题。
    下面是堆栈跟踪。
    ERROR ======================= :: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslState.ThrowIfExceptional()
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__47_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
    更新
    我尝试使用 IE 网络浏览器获取证书信息。
    在 Windows 10 系统上,我可以看到完整的证书信息。但是,在 Windows 7 系统上,我可以看到消息为

    The certificate cannot be verified up to a trusted certificate authority

    最佳答案

    最后,我能够解决这个问题。
    我发现该服务是由 Windows 7 系统上的一个用户创建的,但是,它被另一个用户调用。
    我尝试通过控制台(命令提示符)执行应用程序,发现应用程序能够通过 HTTPS 进行调用。但是,当我们将其作为服务运行时,它无法做到这一点。
    使用 sc 命令创建时修改了服务配置。sc create <servicename> binPath= <path/to/your/appexe.exe> obj= <username> password= <password> 我们这一更改应用程序能够通过 HTTPS 进行调用。

    关于c# - .NET C# "The remote certificate is invalid according to the validation procedure",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64238068/

    上一篇:ssl - IBM MQIPT SSL 握手问题

    下一篇:ssl - kolla-ansible TLS 部署失败

    相关文章:

    c# - 在 WPF 中播放 Gif

    Facebook 实时更新证书验证失败

    android - 没有在 Webview 中获得 onReceivedClientCertRequest 的回调

    c# - Visual Studio 2019 进入定义状态,Intellisense 不起作用

    c# - 准时双排版

    c# - SubreportProcessing 事件未触发

    c# - InterpolationMode HighQualityBicubic 在调整大小后的图像边缘引入伪像

    SSL 在 Wildfly 中不起作用

    c# - 获取错误 107 (net::ERR_SSL_PROTOCOL_ERROR):SSL 协议(protocol)错误

    wcf - 使用 ADAM (AD LDS) 验证来自 Silverlight 的 WCF 调用

    ©2024 IT工具网  联系我们