30 分钟后 mage.exe 出现 ERROR_INTERNET_CONNECTION_RESET 错误
作为 ClickOnce 部署的一部分,我正在运行 mage.exe,
mage.exe -Sign "manifest file" -CertFile Cert.pfx -Password yepit5right -TimeStampUri http://timestamp.verisign.com/scripts/timstamp.dll
证书首先来自 Verisign,因此使用他们的时间戳服务。
这在某些机器上运行良好,但在其他机器上则不然,并且它们返回非常可读的错误代码 -2147012865,该代码转换为错误 12031 - ERROR_INTERNET_CONNECTION_RESET。
我可以通过该计算机上的 IE 连接到 stackoverflow.com 等网站,因此它所需的代理设置似乎是正确的。
mage.exe 是否支持代理验证?一年多前,在我们进行重大的出站代理更改之前,这曾经是有效的,我认为这包括从非身份验证更改为在代理层使用集成身份验证。
谢谢
As part of a ClickOnce deployment I'm running mage.exe
mage.exe -Sign "manifest file" -CertFile Cert.pfx -Password yepit5right -TimeStampUri http://timestamp.verisign.com/scripts/timstamp.dll
the certificate comes from Verisign in the first place so using their timestamping service.
This works fine on some machines but not others, and they come back with the very readable error code of -2147012865 which translates to error 12031 - ERROR_INTERNET_CONNECTION_RESET.
I can connect out through IE on that machine to sites such as stackoverflow.com and so the proxy settings which it needs appear to be correct.
Does mage.exe support authenticating proxies? This used to work, over a year ago now, before we had a major outbound proxy change which I think included changing from non-authenticating to using integrated authentication at the proxy layer.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这不是一个很好的答案,但事实证明,当向时间戳服务发出请求时,mage.exe 无法通过代理进行身份验证。
为了解决此限制,我已将源计算机和目标 URL 添加到出站代理的请求“白名单”中,无需代理身份验证即可允许发出这些请求。正如您想象的那样,在安全团队拥有该列表的企业环境中执行此操作并不是一项简单的任务,因此我更喜欢破解技术难题。
添加后,mage.exe 就开始按预期运行,并且与我们在具有非身份验证代理的测试环境中的运行情况一样。
Not a great answer but it turns out that mage.exe cannot authenticate through to a proxy when making the request out to the timestamping service.
To get around this restriction I have added the source machine and the target URL to our outbound proxy's "whitelist" of requests that are allowed out without requiring proxy authentication. As you could imaging doing this within a corporate environment where the security team own that list was not a simple task, I much prefer cracking the technical nut.
As soon as this was added mage.exe started behaving as expected, and as it behaves in our test environments which have a non-authenticating proxy.