【发布时间】:2016-05-09 18:34:25
【问题描述】:
为了能够使用某些 API,我必须使用 TLS 证书(在 1.1 版本中)。
我的代码如下:
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://someapi/request/");
request.Method = "POST";
request.ContentType = "application/json";
request.ContentLength = Encoding.UTF8.GetByteCount(postData);
request.KeepAlive = false;
request.ProtocolVersion = HttpVersion.Version11;
ServicePointManager.Expect100Continue = false;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
X509Certificate2 certificate = new X509Certificate2(@"d:\TLScertificate.p12", "password");
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
try
{
store.Open(OpenFlags.ReadWrite);
if (!store.Certificates.Contains(certificate))
{
store.Add(certificate);
}
int indexOfCertificate = store.Certificates.IndexOf(certificate);
certificate = store.Certificates[indexOfCertificate];
}
finally
{
store.Close();
}
request.ClientCertificates.Add(certificate);
request.PreAuthenticate = true;
using (StreamWriter writer = new StreamWriter(request.GetRequestStream())) // Exception
{
}
在request.GetResponse() 期间,我总是遇到异常:请求被中止:无法创建 SSL/TLS 安全通道。
供应商回答我说:
需要,
您的信任库中的根 Ca v1 test.pem 和 密钥库中的 TLSCertificate
请告诉我我应该如何处理文件 .pem ?应该添加到请求中,和TLScertificate.p12文件一样吗?当我在请求中添加第二个 X509Certificate2(没有任何密码)时,我仍然得到同样的错误。
【问题讨论】:
标签: .net api ssl ssl-certificate x509certificate2