【发布时间】:2014-12-17 14:16:51
【问题描述】:
我需要通过 https 访问其证书存在问题的 Web 服务。在 chrome 中显示网站的身份已确认,但没有公开入口。
向该 url 发出 httprequest 时,我收到错误 System.Net.WebExceptionStatus.SecureChannelFailure
“请求中止:无法创建 SSL/TLS 安全通道。”
我尝试使用
禁用证书验证ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
{
// If the certificate is a valid, signed certificate, return true.
if (error == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
Console.WriteLine("X509Certificate [{0}] Policy Error: '{1}'",
cert.Subject,
error.ToString());
return false;
}
但是回调甚至没有被命中。如果我请求一个不同的(有效的)URL,就会触发回调。
有什么方法可以进一步调试问题?
这是完整的示例代码:
private void button1_Click(object sender, EventArgs e)
{
string url = "https://domainwithsslissues.";
string method = "get";
ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
HttpWebRequest ws = (HttpWebRequest)WebRequest.Create(url);
ws.Credentials = CredentialCache.DefaultCredentials;
ws.Method = method;
using (HttpWebResponse webResponse = (HttpWebResponse)ws.GetResponse())
{
using (Stream responseStream = webResponse.GetResponseStream())
{
using (StreamReader responseStreamReader = new StreamReader(responseStream, true))
{
string response = responseStreamReader.ReadToEnd();
Console.WriteLine(response);
responseStreamReader.Close();
}
responseStream.Close();
}
webResponse.Close();
}
}
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
{
if (error == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
Console.WriteLine("X509Certificate [{0}] Policy Error: '{1}'",
cert.Subject,
error.ToString());
return false;
}
【问题讨论】: