【发布时间】:2017-02-19 01:49:26
【问题描述】:
问题:
尝试在 Kestrel/.net core 上使用实现 SSL
错误信息:
托管调试助手“FatalExecutionEngineError”检测到
'C:\my.exe'中的问题。附加信息:运行时有 遇到致命错误。错误的地址是0x053150a3, 在线程0x1c44上。错误代码是0xc0000005。这个错误可能是 CLR 或用户的不安全或不可验证部分中的错误 代码。此错误的常见来源包括用户编组错误 COM 互操作或 PInvoke,这可能会损坏堆栈。
要求的答案:
我怀疑我的问题是我的证书,如下所述。如果这是真的,我将不胜感激有关如何创建 .pfx 文件的分步说明。另外,我不明白证书是如何存储的:IIS 和 IIS Express 是否都需要不同的证书,或者它们是否在注册表中查找并使用通用证书?
代码:
public static void Main(string[] args)
{
string env = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
var config = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("hosting.json", optional: true)
.AddJsonFile($"appsettings.{env}.json", optional: false)
.AddCommandLine(args) // will get server.urls from command line
.Build();
X509Certificate2 xCert = new X509Certificate2("localhostSSLCert.pfx", config["Data:SSLPassword"]);
var host = new WebHostBuilder()
.UseKestrel(x => x.UseHttps(xCert))
.UseConfiguration(config)
.UseContentRoot(Directory.GetCurrentDirectory())
//.UseUrls("http://localhost:53389/")
.UseIISIntegration()
.UseStartup<Startup>()
.Build();
try
{
host.Run();
}
catch (Exception ex)
{
string y = ex.Message;
}
}
我做了什么调试:
当我单步执行我的代码并查看证书(我的代码中为 xCert)时,它似乎是一个有效的对象,这意味着 .net 已正确读取文件(我看到了我的域名等)。
但是我仍然怀疑我的问题是证书。我发现许多文章试图解释如何生成 .pfx 文件。
我用来生成我正在使用的 .pfx 文件的主要文章是这样的:
https://blogs.msdn.microsoft.com/robert_mcmurray/2013/11/15/how-to-trust-the-iis-express-self-signed-certificate/
我研究过的其他文章:
creating valid test SSL certificates for IIS http://dotnetthoughts.net/how-to-setup-https-on-kestrel/ http://rainabba.blogspot.com/2014/03/ssl-certs-for-iis-with-pfx-once-and-for.html
我无法使用证书 MMC 管理单元导出证书。 .pfx 选项始终处于禁用状态。
项目.json
{
"version": "1.0.0-*",
"userSecretsId": "aspnet-WebApp1-c23d27a4-eb88-4b18-9b77-2a93u3b15119",
"dependencies": {
"Microsoft.Extensions.Logging": "1.0.0",
"Blog.Core": "1.0.0-*",
"Blog.Domain": "1.0.0-*",
"Blog.Model": "1.0.0-*",
"Blog.Services": "1.0.0-*",
"Microsoft.Extensions.Caching.Memory": "1.0.0",
"Microsoft.Extensions.Caching.Abstractions": "1.0.0",
"Microsoft.AspNetCore.Server.IISIntegration": "1.0.0",
"Microsoft.AspNetCore.Session": "1.0.0",
"Microsoft.Extensions.Configuration.EnvironmentVariables": "1.0.0",
"Microsoft.Extensions.Configuration.FileExtensions": "1.0.0",
"Microsoft.Extensions.Configuration.Json": "1.0.0",
"Microsoft.Extensions.Logging.Console": "1.0.0",
"Microsoft.Extensions.Logging.Debug": "1.0.0",
"NETStandard.Library": "1.6.0",
"Autofac.Extensions.DependencyInjection": "4.0.0",
"Microsoft.Extensions.Configuration.CommandLine": "1.0.0",
"Microsoft.AspNetCore.Mvc": "1.0.1",
"Microsoft.AspNetCore.Server.Kestrel": "1.0.1",
"Autofac": "4.1.1",
"Microsoft.ApplicationInsights.AspNetCore": "1.0.2",
"Microsoft.AspNetCore.Server.Kestrel.Https": "1.0.1"
},
"tools": {
"Microsoft.AspNetCore.Server.IISIntegration.Tools": "1.0.0-preview2-final"
},
"frameworks": {
"net462": {
"frameworkAssemblies": {
"System.Drawing": "4.0.0.0"
}
}
},
"buildOptions": {
"emitEntryPoint": true,
"preserveCompilationContext": true
},
"runtimeOptions": {
"gcServer": true
},
"publishOptions": {
"include": [
"wwwroot",
"Views",
"appsettings.json",
"appsettings.prod.json",
"appsettings.development.json",
"logs",
"web.config"
]
},
"scripts": {
"postpublish": [ "dotnet publish-iis --publish-folder %publish:OutputPath% --framework %publish:FullTargetFramework%" ]
}
}
【问题讨论】:
-
谢谢,我相信我的问题是生成 .pfx 文件。该示例显示了我尝试过的不同的 UseHttps 重载。
标签: ssl asp.net-core kestrel-http-server