.NET Core 使用 HttpClient SSL 請求出錯的解決辦法
阿新 • • 發佈:2019-03-06
rust async 問題 back 通過 tpc har ann client
問題
使用 HTTP Client 請求 HTTPS 的 API 時出現 The certificate cannot be verified up to a trusted certification authority
異常,並且證書已經傳入。
下面就是問題代碼:
public class Program { public static void Main(string[] args) { var url = @"https://xxx.xxx.xxx.xxx:xxxx/xxx-web/services/xxxx?wsdl"; var handler = new HttpClientHandler { ClientCertificateOptions = ClientCertificateOption.Manual, ClientCertificates = { new X509Certificate2(@"E:\cert\rootTrust.cer","11111111"), new X509Certificate2(@"E:\cert\middleTrust.cer","11111111"), new X509Certificate2(@"E:\cert\wskey.pfx","ws654321") } }; var webRequest = new HttpClient(handler); var result = webRequest.GetStringAsync(url).GetAwaiter().GetResult(); Console.WriteLine(result); } }
原因
因為在發出 HTTPS 請求的時候,HttpClient
都會檢查 SSL 證書是否合法。如果不合法的話,就會導致拋出異常信息,而對方給出的證書是自簽發的測試接口的證書,所以不是一個合法的 SSL 證書。
解決
在 HttpClientHandler
當中會有一個 ServerCertificateCustomValidationCallback
事件,該事件用於判定證書驗證是否通過。我們可以掛接該事件,然後邏輯編寫為直接返回 true
結果,這樣就會忽略掉證書異常的情況。
最新的代碼如下:
public class Program { public static void Main(string[] args) { var url = @"https://xxx.xxx.xxx.xxx:xxxx/xxx-web/services/xxxx?wsdl"; var handler = new HttpClientHandler { ServerCertificateCustomValidationCallback = (message, certificate2, arg3, arg4) => true, ClientCertificateOptions = ClientCertificateOption.Manual, ClientCertificates = { new X509Certificate2(@"E:\cert\rootTrust.cer","11111111"), new X509Certificate2(@"E:\cert\middleTrust.cer","11111111"), new X509Certificate2(@"E:\cert\wskey.pfx","ws654321") } }; var webRequest = new HttpClient(handler); var result = webRequest.GetStringAsync(url).GetAwaiter().GetResult(); Console.WriteLine("xx"); } }
.NET Core 使用 HttpClient SSL 請求出錯的解決辦法