"Could not establish trust relationship for the SSL/TLS secure channel." signalr2.2、https、.net 客户端、自定义证书出现异常
"Could not establish trust relationship for the SSL/TLS secure channel." Exception on signalr2.2, https, .net client, custom certificate
我在使用自定义自签名证书测试 signalr .net 客户端时遇到一些异常。
http上也不例外。
在我的代码中设置自签名证书有什么问题吗?
请注意,我的证书文件没有问题,因为它可以很好地运行我的 https mvc 站点。
服务器端代码:asp.net,azure local fabric
[assembly: OwinStartup(typeof(BookohWebRole.Startup))]
namespace BookohWebRole
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
var hubConfiguration = new HubConfiguration();
hubConfiguration.EnableDetailedErrors = true;
hubConfiguration.EnableJavaScriptProxies = false;
//GlobalHost.HubPipeline.AddModule(new ErrorHandlingPipelineModule());
app.MapSignalR(hubConfiguration);
}
}
}
public class ChatHub : Hub
{
public override Task OnConnected()
{
Trace.TraceInformation("OnConnected");
var authToken = Context.QueryString.Get("AuthToken");
Trace.TraceInformation("authToken : " + authToken);
return base.OnConnected();
}
public override Task OnDisconnected(bool stopCalled)
{
Trace.TraceInformation("OnDisconnected");
return base.OnDisconnected(stopCalled);
}
public override Task OnReconnected()
{
Trace.TraceInformation("OnReconnected");
var authToken = Context.QueryString.Get("AuthToken");
Trace.TraceInformation("authToken : " + authToken);
return base.OnReconnected();
}
public void Send(string name, string message)
{
Trace.TraceInformation("Context.ConnectionId : " + Context.ConnectionId);
Clients.All.onSend(name, message);
}
}
客户端代码:.net 客户端,单元测试方法
[TestMethod]
public void chat()
{
var ev = new AutoResetEvent(false);
Task.Run(async () =>
{
try
{
ServicePointManager.DefaultConnectionLimit = 10;
var queryString = new Dictionary<string, string>();
queryString.Add("AuthToken", Guid.NewGuid().ToString());
//https://localhost:44302/
//http://localhost:22792/
var hubConnection = new HubConnection("https://localhost:44302/");
hubConnection.Credentials = CredentialCache.DefaultCredentials;
hubConnection.AddClientCertificate(X509Certificate.CreateFromCertFile("bookoh.cer"));
hubConnection.TraceLevel = TraceLevels.All;
hubConnection.TraceWriter = Console.Out;
IHubProxy chatHubProxy = hubConnection.CreateHubProxy("ChatHub");
await hubConnection.Start();
chatHubProxy.On<string, string>("onSend", (name, message) =>
{
Trace.TraceInformation("onSend name : " + name);
Trace.TraceInformation("onSend message : " + message);
ev.Set();
});
Trace.TraceInformation("chatHubProxy.Invoke");
await chatHubProxy.Invoke("Send", "hhd2002", "hello");
}
catch (Exception ex)
{
Trace.TraceInformation("ex : " + ex);
}
});
ev.WaitOne();
}
客户端程序上的完整异常消息
vstest.executionengine.x86.exe Information: 0 : ex : System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
看起来您的实际异常消息是
The remote certificate is invalid according to the validation procedure.
这很可能是因为它是自签名的,而不是由受信任的证书颁发机构签名的。看起来这里已经回答了这个问题:
C# Ignore certificate errors?
我遇到了这个问题,这是由于 expired/missing Digi Cert Global Root G2 证书造成的。
我相信如果你向 Microsoft 提出它,他们会为你提供一个新证书,但是我只是从另一台机器上应用它。
我在使用自定义自签名证书测试 signalr .net 客户端时遇到一些异常。
http上也不例外。
在我的代码中设置自签名证书有什么问题吗?
请注意,我的证书文件没有问题,因为它可以很好地运行我的 https mvc 站点。
服务器端代码:asp.net,azure local fabric
[assembly: OwinStartup(typeof(BookohWebRole.Startup))]
namespace BookohWebRole
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
var hubConfiguration = new HubConfiguration();
hubConfiguration.EnableDetailedErrors = true;
hubConfiguration.EnableJavaScriptProxies = false;
//GlobalHost.HubPipeline.AddModule(new ErrorHandlingPipelineModule());
app.MapSignalR(hubConfiguration);
}
}
}
public class ChatHub : Hub
{
public override Task OnConnected()
{
Trace.TraceInformation("OnConnected");
var authToken = Context.QueryString.Get("AuthToken");
Trace.TraceInformation("authToken : " + authToken);
return base.OnConnected();
}
public override Task OnDisconnected(bool stopCalled)
{
Trace.TraceInformation("OnDisconnected");
return base.OnDisconnected(stopCalled);
}
public override Task OnReconnected()
{
Trace.TraceInformation("OnReconnected");
var authToken = Context.QueryString.Get("AuthToken");
Trace.TraceInformation("authToken : " + authToken);
return base.OnReconnected();
}
public void Send(string name, string message)
{
Trace.TraceInformation("Context.ConnectionId : " + Context.ConnectionId);
Clients.All.onSend(name, message);
}
}
客户端代码:.net 客户端,单元测试方法
[TestMethod]
public void chat()
{
var ev = new AutoResetEvent(false);
Task.Run(async () =>
{
try
{
ServicePointManager.DefaultConnectionLimit = 10;
var queryString = new Dictionary<string, string>();
queryString.Add("AuthToken", Guid.NewGuid().ToString());
//https://localhost:44302/
//http://localhost:22792/
var hubConnection = new HubConnection("https://localhost:44302/");
hubConnection.Credentials = CredentialCache.DefaultCredentials;
hubConnection.AddClientCertificate(X509Certificate.CreateFromCertFile("bookoh.cer"));
hubConnection.TraceLevel = TraceLevels.All;
hubConnection.TraceWriter = Console.Out;
IHubProxy chatHubProxy = hubConnection.CreateHubProxy("ChatHub");
await hubConnection.Start();
chatHubProxy.On<string, string>("onSend", (name, message) =>
{
Trace.TraceInformation("onSend name : " + name);
Trace.TraceInformation("onSend message : " + message);
ev.Set();
});
Trace.TraceInformation("chatHubProxy.Invoke");
await chatHubProxy.Invoke("Send", "hhd2002", "hello");
}
catch (Exception ex)
{
Trace.TraceInformation("ex : " + ex);
}
});
ev.WaitOne();
}
客户端程序上的完整异常消息
vstest.executionengine.x86.exe Information: 0 : ex : System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
看起来您的实际异常消息是
The remote certificate is invalid according to the validation procedure.
这很可能是因为它是自签名的,而不是由受信任的证书颁发机构签名的。看起来这里已经回答了这个问题:
C# Ignore certificate errors?
我遇到了这个问题,这是由于 expired/missing Digi Cert Global Root G2 证书造成的。
我相信如果你向 Microsoft 提出它,他们会为你提供一个新证书,但是我只是从另一台机器上应用它。