带有 SSL 证书的 .Net Core 连接服务
.Net Core Connected Service with SSL Certificate
我正在尝试向使用 SSL 证书进行通信的 Web 服务端点发出请求。我花了几个小时在谷歌上搜索一个例子,但到目前为止还没有找到什么。
我确实通过直接导航到 wsdl 和 xsd 文件,手动保存它们并将 WCF Web 服务引用提供程序指向包含目录,基于 this 解决方案。我还尝试使用 winhttpcertcfg.exe 安装证书,但无法获得成功打开通道以直接从 WSDL 生成客户端的工具。
现在我已经生成了客户端,但我不知道如何正确添加证书。这是我目前的代码
// Get the certificate
var testCert = new X509Certificate2(System.IO.File.ReadAllBytes("C://SecureCert.PFX"), "##########");
//Create instance of SOAP client
HostedCollectionPaymentService.OnlineService_v2_2Client soapClient = new OnlineService_v2_2Client(new BasicHttpsBinding(BasicHttpsSecurityMode.Transport), new EndpointAddress("https://secure.service.endpoint.com/2.2/"));
// Add the certificate to the client
soapClient.ClientCredentials.ClientCertificate.Certificate = testCert;
using (new OperationContextScope(soapClient.InnerChannel))
{
try
{
var result = await soapClient.startOnlineCollectionAsync(new StartOnlineCollectionRequest
{
app_id = "12344",
tracking_id = "fdsa43531",
transaction_amount = 5.00m,
transaction_type = TransactionType.Sale
});
Console.WriteLine(result.startOnlineCollectionResponse.token);
}
catch (Exception ex)
{
var f = ex;
throw;
}
}
当我尝试连接时,我收到响应"Message = "无法为具有权限 'secure.service.endpoint.com' 的 SSL/TLS 安全通道建立信任关系。
我已验证证书有效并且我能够使用 SoapUI 工具集连接到该服务。
我假设我缺少配置或错误地附加了 SSL 证书。如果有人可以提供建议或指出适当的文档,我将不胜感激。
想通了。我需要这个额外的配置行。
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
这是一个示例,供那些询问它包含在何处的人使用。在我的例子中,它用于支付网关服务。
// Get the cert
var myCertificate = await GetMyCertificate(); //X509Cert
// Create a new binding to specify certificate security
var binding = new BasicHttpsBinding()
{
Name = "basic_ssl_cert"
};
// Specify the credential type
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
//Create instance of SOAP client
QaPaymentService.PaymentOnlineService_v2_Client soapClient = new QaPaymentService.PaymentOnlineService_v2_Client(binding, new EndpointAddress(onlinePaymentServiceEndpoint));
// Add the certificate to the client
soapClient.ClientCredentials.ClientCertificate.Certificate = myCertificate;
using (new OperationContextScope(soapClient.InnerChannel))
{
try
{
var result = soapClient.completeOnlineCollectionAsync(new QaPaymentService.CompleteOnlineCollectionRequest
{
app_id = appId,
token = token
}).GetAwaiter().GetResult();
return (result.completeOnlineCollectionResponse.tracking_id);
}
catch (FaultException<QaPaymentService.PaymentServiceFault> ex)
{
// Extract the actuall error from the service fault
throw new myServiceException(ex.Detail.return_detail, ex)
{
ErrorDetail = ex.Detail.return_detail,
ErrorCode = ex.Detail.return_code
};
}
catch (Exception ex)
{
logger.LogError($"Error completing transaction from QA my service: {ex.Message}", ex);
throw ex;
}
}
我正在尝试向使用 SSL 证书进行通信的 Web 服务端点发出请求。我花了几个小时在谷歌上搜索一个例子,但到目前为止还没有找到什么。
我确实通过直接导航到 wsdl 和 xsd 文件,手动保存它们并将 WCF Web 服务引用提供程序指向包含目录,基于 this 解决方案。我还尝试使用 winhttpcertcfg.exe 安装证书,但无法获得成功打开通道以直接从 WSDL 生成客户端的工具。
现在我已经生成了客户端,但我不知道如何正确添加证书。这是我目前的代码
// Get the certificate
var testCert = new X509Certificate2(System.IO.File.ReadAllBytes("C://SecureCert.PFX"), "##########");
//Create instance of SOAP client
HostedCollectionPaymentService.OnlineService_v2_2Client soapClient = new OnlineService_v2_2Client(new BasicHttpsBinding(BasicHttpsSecurityMode.Transport), new EndpointAddress("https://secure.service.endpoint.com/2.2/"));
// Add the certificate to the client
soapClient.ClientCredentials.ClientCertificate.Certificate = testCert;
using (new OperationContextScope(soapClient.InnerChannel))
{
try
{
var result = await soapClient.startOnlineCollectionAsync(new StartOnlineCollectionRequest
{
app_id = "12344",
tracking_id = "fdsa43531",
transaction_amount = 5.00m,
transaction_type = TransactionType.Sale
});
Console.WriteLine(result.startOnlineCollectionResponse.token);
}
catch (Exception ex)
{
var f = ex;
throw;
}
}
当我尝试连接时,我收到响应"Message = "无法为具有权限 'secure.service.endpoint.com' 的 SSL/TLS 安全通道建立信任关系。
我已验证证书有效并且我能够使用 SoapUI 工具集连接到该服务。
我假设我缺少配置或错误地附加了 SSL 证书。如果有人可以提供建议或指出适当的文档,我将不胜感激。
想通了。我需要这个额外的配置行。
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
这是一个示例,供那些询问它包含在何处的人使用。在我的例子中,它用于支付网关服务。
// Get the cert
var myCertificate = await GetMyCertificate(); //X509Cert
// Create a new binding to specify certificate security
var binding = new BasicHttpsBinding()
{
Name = "basic_ssl_cert"
};
// Specify the credential type
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
//Create instance of SOAP client
QaPaymentService.PaymentOnlineService_v2_Client soapClient = new QaPaymentService.PaymentOnlineService_v2_Client(binding, new EndpointAddress(onlinePaymentServiceEndpoint));
// Add the certificate to the client
soapClient.ClientCredentials.ClientCertificate.Certificate = myCertificate;
using (new OperationContextScope(soapClient.InnerChannel))
{
try
{
var result = soapClient.completeOnlineCollectionAsync(new QaPaymentService.CompleteOnlineCollectionRequest
{
app_id = appId,
token = token
}).GetAwaiter().GetResult();
return (result.completeOnlineCollectionResponse.tracking_id);
}
catch (FaultException<QaPaymentService.PaymentServiceFault> ex)
{
// Extract the actuall error from the service fault
throw new myServiceException(ex.Detail.return_detail, ex)
{
ErrorDetail = ex.Detail.return_detail,
ErrorCode = ex.Detail.return_code
};
}
catch (Exception ex)
{
logger.LogError($"Error completing transaction from QA my service: {ex.Message}", ex);
throw ex;
}
}