证书问题403.7

发布于 2024-10-25 07:14:28 字数 979 浏览 1 评论 0原文

因此，我有以下系统：有一个客户端应用程序，它请求服务如下：

blar.ServiceSecurity wsSecurity = new blar.ServiceSecurity();
wsSecurity.Url = this.tURL + "Security.asmx";
CookieContainer cc = new CookieContainer();
wsSecurity.CookieContainer = cc;
wsSecurity.ClientCertificates.Add(X509Certificate.CreateFromCertFile(certPath));

blar.LoginResult lr = wsSecurity.Login(login, password);

然后，在 this.tURL + "Security.asmx" 的 Login 处提供 Web 服务 方法必须从以下位置获取 ClientCertificate (certPath)：

Context.Request.ClientCertificate.Certificate;

并对其执行某些操作。

有两个问题：
如果 IIS 的配置显示需要客户端证书，我在调用登录函数时会收到 403.7 错误；
如果 IIS 的配置显示接受客户端证书，我会得到CryptographicException“m_safeCertContext 是无效句柄”；

但是，只有当客户端在 Windows 7 x64 上运行时才会出现这些问题，当在 Windows XP 或 Windows Server 2003 上启动时，它也可以正常工作。

ca 安装在两台机器上，所有测试用例中的配置似乎完全相同，
所以我的问题是“到底是什么？”

原文

So, I have the following system: there is a client app, which requests the service as follows:

blar.ServiceSecurity wsSecurity = new blar.ServiceSecurity();
wsSecurity.Url = this.tURL + "Security.asmx";
CookieContainer cc = new CookieContainer();
wsSecurity.CookieContainer = cc;
wsSecurity.ClientCertificates.Add(X509Certificate.CreateFromCertFile(certPath));

blar.LoginResult lr = wsSecurity.Login(login, password);

then, a web-service at this.tURL + "Security.asmx"'s Login method has to get that ClientCertificate (certPath) from:

Context.Request.ClientCertificate.Certificate;

and do something with it.

There are two problems:
if IIS's configuration says Require client certificates, i get 403.7 error on calling the Login function;
if IIS's configuration says Accept client certificates, i get CryptographicException "m_safeCertContext is an invalid handle";

but, those problems happen only if client works from Windows 7 x64, when launched on Windows XP, or Windows Server 2003 even, it does just fine.

ca is installed on both machines, configuration seems completely identical in all test cases,
so my question is 'What the hell?'

分享到QQ

分享到微博