服务器端的客户端证书始终为空
Client Certificate is always null on server side
我阅读了很多关于如何发送客户端证书的帖子,并且全部都做了,但是在服务器端它是空的。
我在页面上写了这段代码 mytest.aspx.cs
protected void Page_Load(object sender, EventArgs e)
{
string host = @"http://localhost:57855/Temp/index.aspx";
string certName = @"C:\cert.pfx";
string password = @"123456";
try
{
X509Certificate2Collection certificates = new
X509Certificate2Collection();
certificates.Import(certName, password,
X509KeyStorageFlags.MachineKeySet |
X509KeyStorageFlags.PersistKeySet);
ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(host);
req.AllowAutoRedirect = true;
req.ClientCertificates = certificates;
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
string postData = "login-form-type=cert";
byte[] postBytes = Encoding.UTF8.GetBytes(postData);
req.ContentLength = postBytes.Length;
Stream postStream = req.GetRequestStream();
postStream.Write(postBytes, 0, postBytes.Length);
postStream.Flush();
postStream.Close();
WebResponse resp = req.GetResponse();
Stream stream = resp.GetResponseStream();
using (StreamReader reader = new StreamReader(stream))
{
string line = reader.ReadLine();
while (line != null)
{
Console.WriteLine(line);
line = reader.ReadLine();
}
}
stream.Close();
}
catch (Exception ex)
{
//Console.WriteLine(e);
}
}
我在 index.aspx 页面中写了这段代码
protected void Page_Load(object sender, EventArgs e)
{
bool b = false;
if (HttpContext.Current.Request.ClientCertificate.IsPresent)
b = true;//b is always null
}
我也在使用 IIs express。在 C:\Users\Administrator\Documents\IISExpress\config 的 applicationhost 文件中,我更改了两个部分
<security>
<access sslFlags="SslNegotiateCert" />
....
<authentication>
<clientCertificateMappingAuthentication enabled="true" />
<iisClientCertificateMappingAuthentication enabled="true">
</iisClientCertificateMappingAuthentication>
.........
</security>
我在 mmc=>Certificates/personal/certificates 中安装了 cert.pfx 并且
mmc=>证书(当前用户)/personal/certificates
但总是在索引页面 b 是错误的。
另外我应该说 cert.pfx 不是 ssl 证书。它是一个数字签名证书,并且在证书的 enhanskeyusage 字段中具有客户端身份验证
我在服务器上安装了客户端证书吊销列表并解决了
我阅读了很多关于如何发送客户端证书的帖子,并且全部都做了,但是在服务器端它是空的。
我在页面上写了这段代码 mytest.aspx.cs
protected void Page_Load(object sender, EventArgs e)
{
string host = @"http://localhost:57855/Temp/index.aspx";
string certName = @"C:\cert.pfx";
string password = @"123456";
try
{
X509Certificate2Collection certificates = new
X509Certificate2Collection();
certificates.Import(certName, password,
X509KeyStorageFlags.MachineKeySet |
X509KeyStorageFlags.PersistKeySet);
ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(host);
req.AllowAutoRedirect = true;
req.ClientCertificates = certificates;
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
string postData = "login-form-type=cert";
byte[] postBytes = Encoding.UTF8.GetBytes(postData);
req.ContentLength = postBytes.Length;
Stream postStream = req.GetRequestStream();
postStream.Write(postBytes, 0, postBytes.Length);
postStream.Flush();
postStream.Close();
WebResponse resp = req.GetResponse();
Stream stream = resp.GetResponseStream();
using (StreamReader reader = new StreamReader(stream))
{
string line = reader.ReadLine();
while (line != null)
{
Console.WriteLine(line);
line = reader.ReadLine();
}
}
stream.Close();
}
catch (Exception ex)
{
//Console.WriteLine(e);
}
}
我在 index.aspx 页面中写了这段代码
protected void Page_Load(object sender, EventArgs e)
{
bool b = false;
if (HttpContext.Current.Request.ClientCertificate.IsPresent)
b = true;//b is always null
}
我也在使用 IIs express。在 C:\Users\Administrator\Documents\IISExpress\config 的 applicationhost 文件中,我更改了两个部分
<security>
<access sslFlags="SslNegotiateCert" />
....
<authentication>
<clientCertificateMappingAuthentication enabled="true" />
<iisClientCertificateMappingAuthentication enabled="true">
</iisClientCertificateMappingAuthentication>
.........
</security>
我在 mmc=>Certificates/personal/certificates 中安装了 cert.pfx 并且 mmc=>证书(当前用户)/personal/certificates
但总是在索引页面 b 是错误的。
另外我应该说 cert.pfx 不是 ssl 证书。它是一个数字签名证书,并且在证书的 enhanskeyusage 字段中具有客户端身份验证
我在服务器上安装了客户端证书吊销列表并解决了