使用 HttpClient 时客户端证书无效
Client certificate is invalid with using HttpClient
我需要 post 使用客户端证书将数据发送到远程服务器。问题是我收到一条消息说客户端证书无效。请参阅下面的 return 消息
StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content:
System.Net.Http.StreamContent, Headers:
{
connection: close
pragma: no-cache
Cache-Control: no-cache
Date: Thu, 01 Oct 2015 04:05:24 GMT
P3P: CP="NON CUR OTPi OUR NOR UNI"
Content-Length: 505
Content-Type: text/html
}
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<!-- Copyright (C) 2000 Tivoli Systems, Inc. -->
<!-- Copyright (C) 1999 IBM Corporation -->
<!-- Copyright (C) 1998 Dascom, Inc. -->
<!-- All Rights Reserved. -->
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-
8">
<TITLE>Certification authentication failed</TITLE>
</HEAD>
<BODY>
An attempt to authenticate with a client certificate failed.
<BR>
A valid client certificate is required to make this connection.
</BODY>
</HTML>
我尝试了什么:
我得到的证书是Encrypt.p12、Sign.p12、Test_Enc.crt、Test_sign.crt。我双击所有这些证书并安装所有这些。但这对我没有帮助。
根据实施指南,它说对公司的HTTP请求应该使用'Input'的参数名称来指定负载值。所以我尝试的是在内容前面添加"Input="。在我的例子中是 'ReqContent = "Input=" + ''ReqContent;'
所以我做错了什么或者我应该做但没有做的事?
以下是我的代码。
public async Task<string> PostRequest(string ReqContent)
{
//ReqContent = "Input=" + ReqContent; this doesn't solve the certificate issue
WebRequestHandler handler = new WebRequestHandler();
X509Certificate2 certificate = null;
certificate = GetX509Certificate(@"C:\Test certificate\Test_sign.crt");
handler.ClientCertificates.Add(certificate);
HttpClient client = new HttpClient(handler);
client.BaseAddress = new Uri("https://www.somecompany.com /cert/invoke/mm.cdds.common.services");
client.DefaultRequestHeaders.Host = "www.somecompany.com";
client.DefaultRequestHeaders.Add("contenttype", "application/xml");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xml"));
client.DefaultRequestHeaders.Connection.Clear();
client.DefaultRequestHeaders.Connection.Add("keep-alive");
client.DefaultRequestHeaders.CacheControl = new CacheControlHeaderValue() { NoCache = true };
client.DefaultRequestHeaders.Pragma.Clear();
client.DefaultRequestHeaders.Pragma.Add(new NameValueHeaderValue("no-cache"));
client.DefaultRequestHeaders.UserAgent.Clear();
client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue("Java", "1.6.0_20"));
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html"));
HttpContent _content = new StringContent(ReqContent);
_content.Headers.ContentType = new MediaTypeHeaderValue("application/xml");
_content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
HttpResponseMessage response = await client.PostAsync(client.BaseAddress, _content);
string result = response.Content.ReadAsStringAsync().Result;
textBox2.Text = response + Environment.NewLine + result;
}
我遇到了同样的问题,因为 HTML 的响应与上面所附的完全相同。
问题实际上是服务器不接受客户端证书。所以需要做的是 "register" 服务器上的客户端证书。
还有一个 header 我从指示我正在连接的服务器的响应中得到:
server: WebSEAL/7.0.0.35 (Build 180731)
我需要 post 使用客户端证书将数据发送到远程服务器。问题是我收到一条消息说客户端证书无效。请参阅下面的 return 消息
StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content:
System.Net.Http.StreamContent, Headers:
{
connection: close
pragma: no-cache
Cache-Control: no-cache
Date: Thu, 01 Oct 2015 04:05:24 GMT
P3P: CP="NON CUR OTPi OUR NOR UNI"
Content-Length: 505
Content-Type: text/html
}
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<!-- Copyright (C) 2000 Tivoli Systems, Inc. -->
<!-- Copyright (C) 1999 IBM Corporation -->
<!-- Copyright (C) 1998 Dascom, Inc. -->
<!-- All Rights Reserved. -->
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-
8">
<TITLE>Certification authentication failed</TITLE>
</HEAD>
<BODY>
An attempt to authenticate with a client certificate failed.
<BR>
A valid client certificate is required to make this connection.
</BODY>
</HTML>
我尝试了什么:
我得到的证书是Encrypt.p12、Sign.p12、Test_Enc.crt、Test_sign.crt。我双击所有这些证书并安装所有这些。但这对我没有帮助。
根据实施指南,它说对公司的HTTP请求应该使用'Input'的参数名称来指定负载值。所以我尝试的是在内容前面添加"Input="。在我的例子中是 'ReqContent = "Input=" + ''ReqContent;'
所以我做错了什么或者我应该做但没有做的事?
以下是我的代码。
public async Task<string> PostRequest(string ReqContent)
{
//ReqContent = "Input=" + ReqContent; this doesn't solve the certificate issue
WebRequestHandler handler = new WebRequestHandler();
X509Certificate2 certificate = null;
certificate = GetX509Certificate(@"C:\Test certificate\Test_sign.crt");
handler.ClientCertificates.Add(certificate);
HttpClient client = new HttpClient(handler);
client.BaseAddress = new Uri("https://www.somecompany.com /cert/invoke/mm.cdds.common.services");
client.DefaultRequestHeaders.Host = "www.somecompany.com";
client.DefaultRequestHeaders.Add("contenttype", "application/xml");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xml"));
client.DefaultRequestHeaders.Connection.Clear();
client.DefaultRequestHeaders.Connection.Add("keep-alive");
client.DefaultRequestHeaders.CacheControl = new CacheControlHeaderValue() { NoCache = true };
client.DefaultRequestHeaders.Pragma.Clear();
client.DefaultRequestHeaders.Pragma.Add(new NameValueHeaderValue("no-cache"));
client.DefaultRequestHeaders.UserAgent.Clear();
client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue("Java", "1.6.0_20"));
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html"));
HttpContent _content = new StringContent(ReqContent);
_content.Headers.ContentType = new MediaTypeHeaderValue("application/xml");
_content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
HttpResponseMessage response = await client.PostAsync(client.BaseAddress, _content);
string result = response.Content.ReadAsStringAsync().Result;
textBox2.Text = response + Environment.NewLine + result;
}
我遇到了同样的问题,因为 HTML 的响应与上面所附的完全相同。
问题实际上是服务器不接受客户端证书。所以需要做的是 "register" 服务器上的客户端证书。
还有一个 header 我从指示我正在连接的服务器的响应中得到:
server: WebSEAL/7.0.0.35 (Build 180731)