在 dotnet 中使用 ssl 进行双向身份验证
我有一个项目,需要通过网络请求发送数据文件。我们需要设置双向身份验证,也称为相互身份验证。我们不确定是否需要特殊证书,但我们知道它需要为 3 级。
我无法找到此案例的示例代码。我不知道在哪里添加我们的证书信息。使用此代码,当我们尝试读取响应流时,会引发底层连接已关闭错误,并且永远不会调用ServicePointManager.ServerCertificateValidationCallback。这就是我所拥有的:
ServicePointManager.ServerCertificateValidationCallback = New Security.RemoteCertificateValidationCallback(AddressOf MyCertValidationCb)
httpReq = CType(System.Net.HttpWebRequest.Create(url), HttpWebRequest)
For Each cert As String In certs
X509cert = X509Certificate2.CreateFromCertFile(cert)
X509cert2 = New X509Certificate2(X509cert)
httpReq.ClientCertificates.Add(X509cert2)
Next
httpReq.Method = "POST" ' Post method
httpReq.ContentType = "text/xml" ' content type
' Wrap the request stream with a text-based writer
writer = New StreamWriter(httpReq.GetRequestStream())
' Write the XML text into the stream
reader = New StreamReader(filename.Name)
ret = reader.ReadToEnd()
reader.Close()
' Send the data to the webserver
writer.WriteLine(ret)
writer.Close()
' Wait for response
Dim httpRsp As System.Net.HttpWebResponse = CType(httpReq.GetResponse(), HttpWebResponse)
sr = New StreamReader(httpRsp.GetResponseStream)
responseText = sr.ReadToEnd
If httpReq IsNot Nothing Then
httpReq.GetRequestStream().Close()
End If
If httpRsp IsNot Nothing Then
httpRsp.GetResponseStream().Close()
End If
任何带有示例代码的提示或博客链接都很棒。 谢谢。
I have a project where I need to send a datafile through a web request. We need to setup Two-way authentication also known as mutual authentication. We are not sure if we need a special cert or not but we know that it needs to be level 3.
I am having trouble finding sample code for this case. I don't know where to add our cert information. With this code a Underlying connection is closed error is thrown when we try to read the response stream and ServicePointManager.ServerCertificateValidationCallback is never called. Here is what I have:
ServicePointManager.ServerCertificateValidationCallback = New Security.RemoteCertificateValidationCallback(AddressOf MyCertValidationCb)
httpReq = CType(System.Net.HttpWebRequest.Create(url), HttpWebRequest)
For Each cert As String In certs
X509cert = X509Certificate2.CreateFromCertFile(cert)
X509cert2 = New X509Certificate2(X509cert)
httpReq.ClientCertificates.Add(X509cert2)
Next
httpReq.Method = "POST" ' Post method
httpReq.ContentType = "text/xml" ' content type
' Wrap the request stream with a text-based writer
writer = New StreamWriter(httpReq.GetRequestStream())
' Write the XML text into the stream
reader = New StreamReader(filename.Name)
ret = reader.ReadToEnd()
reader.Close()
' Send the data to the webserver
writer.WriteLine(ret)
writer.Close()
' Wait for response
Dim httpRsp As System.Net.HttpWebResponse = CType(httpReq.GetResponse(), HttpWebResponse)
sr = New StreamReader(httpRsp.GetResponseStream)
responseText = sr.ReadToEnd
If httpReq IsNot Nothing Then
httpReq.GetRequestStream().Close()
End If
If httpRsp IsNot Nothing Then
httpRsp.GetResponseStream().Close()
End If
Any tips or links to blogs with sample code would be great.
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您不需要“特殊”证书。您的客户端需要自己的证书,并在连接中使用它来告诉服务器其身份。这称为客户端证书。服务器应该正确处理这个问题。
以下 MSDN 文章讨论了如何设置 ClientCertificate:
http://msdn.microsoft.com/en-us/library/ms732391.aspx?cs-save-lang=1&cs-lang=vb#code-snippet-2
You don't need a 'special' certificate. Your client needs its own certificate and use it in the connection to tell the server its identity. That is called a Client Certificate. The server should handle this properly.
The following MSDN article talks about how to set your ClientCertificate:
http://msdn.microsoft.com/en-us/library/ms732391.aspx?cs-save-lang=1&cs-lang=vb#code-snippet-2