m_safeCertContext 是无效句柄
我一直在努力解决一个问题,也许你们可以为我指明正确的方向。
我正在尝试通过 https 连接在网络服务器上对 pdf 进行数字签名。
在页面加载时,我这样做:
HttpClientCertificate cs = Request.ClientCertificate;
X509Certificate card = new X509Certificate(cs.Certificate);
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.GetRawCertData())};
我在最后一行代码中收到错误“m_safeCertContext 是无效句柄”。
请注意:
- 我使用两个完全不同的证书遇到相同的错误。
- 证书正在被检索到“card”变量中。
- 我曾经将卡获取到 X509Certificate2,但我昨天在某处读到,我无法发现可以通过转换为 X509Certificate 然后向下转换为 X509Certificate2 来解决该错误。 这是那些“嗯......这没有任何意义,但我还没有尝试过”的时刻之一。
- 我尝试将
[System.Security.SecurityCritical, System.Security.SecurityTreatAsSafe]属性添加到所有方法甚至类中,以查看它是否有效......没有这样的运气。
谁能给我一个提示吗?
I've been wrestling with a problem, maybe you guys can point me in the right direction.
I'm trying to digitally sign a pdf, on the webserver, over an https connection.
At page load i'm doing as so:
HttpClientCertificate cs = Request.ClientCertificate;
X509Certificate card = new X509Certificate(cs.Certificate);
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.GetRawCertData())};
I'm getting the error "m_safeCertContext is an invalid handle" at that last line of code.
Please note that:
- I am getting the same error using 2 completely different certificates.
- The certificate is being retrieved to the "card" variable ok.
- I used to get the card to X509Certificate2 but i read yesterday somewhere I'm not being able to find that the error could be solved by casting as a X509Certificate and then downcasting to X509Certificate2. It was one of those "well... this does not makes any sense but i havent tried it yet" moments.
- I have tried to add
[System.Security.SecurityCritical, System.Security.SecurityTreatAsSafe]property to all methods and even the class to see if it would work... no such luck.
Can anyone one give me a hint?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
每当您访问密码学中未初始化的字段时,都可能发生这种情况。
在您的代码中,如果
Request.ClientCertificate返回一个没有原始证书数据的对象,那么当您在第四行调用card.GetRawCertData()时,您将看到错误。作为一个简单的测试,请尝试以下操作:
这将引发以下异常,因为没有可用的指纹:
使用给定的堆栈跟踪:
This can happen any time you access uninitialized fields in cryptography.
In your code, if
Request.ClientCertificatereturns an object with no raw certificate data then you will see the error when you callcard.GetRawCertData()on your fourth line.As a simple test, try the following:
This will throw the following exception because there is no thumbprint available:
with the given stack trace:
看起来这不是您的问题,但对于其他人来说:请确保在尝试访问任何与证书相关的属性或方法之前不要调用 X509Certificate2.Reset() 。
Looks like this is not your problem, but for others: make sure you don't call X509Certificate2.Reset() before trying to access any certificate related properties or methods.
从另一个代码调用方法,例如
Equals - 调用错误“m_safeCertContext 是无效句柄。” 因为 X509Certificate 不存在
决定
此代码有效!
method calling from another code like this
Equals - calling error "m_safeCertContext is an invalid handle." because X509Certificate not exist
decision
this code works!