带有 ClientCertificate 的 Webclient DownloadFile

Webclient DownloadFile with ClientCertificate

我正在尝试在 url 上下载 pfx 文件。在 chrome 上,当我打开 link 时,我必须 select 一个证书,然后才能登录。但是当我用 C# WebClient 尝试它时,我收到错误 403 "Forbidden".

如何以编程方式指定证书或绕过此步骤?

我的代码:

using (var client = new System.Net.WebClient())
{
    client.Credentials = new System.Net.NetworkCredential(MyLogin, MyPassword);
    client.DownloadFile(MyUrl, MyFile);
}

我终于找到了解决方案:重写 WebClient!

新网络客户端:

public class MyWebClient : WebClient
{
    X509Certificate2 certificate;

    public MyWebClient(X509Certificate2 certificate)
        : base()
    {
        this.certificate = certificate;
    }

    protected override WebRequest GetWebRequest(Uri address)
    {
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(address);
        request.ClientCertificates.Add(certificate);
        request.Credentials = this.Credentials;
        return request;
    }
}

使用方法:

using (var client = new MyWebClient(MyCertificate))
{
    // optional login/password if website require both. If not, don't set the credentials
    client.Credentials = new System.Net.NetworkCredential(MyLogin, MyPassword);
    client.DownloadFile(MyUrl, MyFile);
}

即使有人偶然发现了这个问题和答案,WebClient 覆盖的实现也应该略有不同。

public class ExtendedWebClient : System.Net.WebClient
{
    X509Certificate2 _certificate;

    public ExtendedWebClient() : base() { }

    public ExtendedWebClient(X509Certificate2 certificate) : base()
    {
        _certificate = certificate;
    }

    protected override WebRequest GetWebRequest(Uri address)
    {
        // Base method creates HttpWebRequest and sets other needed stuff like POST method or authentication/authorization headers.
        HttpWebRequest request = (HttpWebRequest)base.Create(address);
        if(_certificate!=null && address.Schema=="https")
            request.ClientCertificates.Add(_certificate);            
        return request;
    }
}

然后在 "htttps" 上请求时将其用作原始证书或与客户端证书一起使用,如

// For download
using(var client = new ExtendedWebClient(MyCertificate))
{
    // Add anything optional like authnetication or header here.
    client.DownloadFile(MyUrl, MyFile);
}

// ...

// Or for upload
using(var client = new ExtendedWebClient(MyCertificate))
{
    // Add anything optional like authnetication or header here.
    client.UploadFile(MyUrl, "POST", MyFile);
}