.net core docker 如何使用 httpclient 在代码中访问 pfx 证书?试图从需要证书的容器访问外部 api
.net core docker how to access pfx certificate in code with httpclient? trying to access an external api from container which needs cert
- 这就是我在本地计算机上使用它的方式。我使用此 pfx 证书从外部 API.
获取数据
services.AddHttpClient("test", c =>{}).ConfigurePrimaryHttpMessageHandler(() =>
{
var handler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
SslProtocols = SslProtocols.Tls12
}
handler.ClientCertificates.Add(newX509Certificate2("pathtopfxcert", "pathtokey"));
return handler;
}
- 但是当 运行 在 RHEL Container
中时,这段代码会抛出如下错误
fail: Microsoft.AspNetCore.Server.Kestrel[13]
Connection id "0HM47J1331JFT", Request id "0HM47J1331JFT:00000001": An unhandled exception was thrown by the application.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
- 如何解决这个问题?我应该更改密码吗?
在 rhel 图像中使用时,我需要设置
ENV WEBSITE_PRIVATE_CERTS_PATH="pathtopfxcert"
在 dockerfile 中使用
将 .pfx 证书复制到同一路径
COPY localpfxpath.px pathtopfxcert
- 这就是我在本地计算机上使用它的方式。我使用此 pfx 证书从外部 API. 获取数据
services.AddHttpClient("test", c =>{}).ConfigurePrimaryHttpMessageHandler(() =>
{
var handler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
SslProtocols = SslProtocols.Tls12
}
handler.ClientCertificates.Add(newX509Certificate2("pathtopfxcert", "pathtokey"));
return handler;
}
- 但是当 运行 在 RHEL Container 中时,这段代码会抛出如下错误
fail: Microsoft.AspNetCore.Server.Kestrel[13]
Connection id "0HM47J1331JFT", Request id "0HM47J1331JFT:00000001": An unhandled exception was thrown by the application.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
- 如何解决这个问题?我应该更改密码吗?
在 rhel 图像中使用时,我需要设置
ENV WEBSITE_PRIVATE_CERTS_PATH="pathtopfxcert"
在 dockerfile 中使用
将 .pfx 证书复制到同一路径COPY localpfxpath.px pathtopfxcert