Warning: file_get_contents(/data/phpspider/zhask/data//catemap/5/ember.js/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
.net 如何使用客户端证书/相互身份验证调用web服务?_.net_Vb.net_Authentication_Certificate_Webservice Client - Fatal编程技术网
Fatal编程技术网
  • .net/
  • .net 如何使用客户端证书/相互身份验证调用web服务?

.net 如何使用客户端证书/相互身份验证调用web服务?

.net vb.net authentication certificate

.net 如何使用客户端证书/相互身份验证调用web服务?,.net,vb.net,authentication,certificate,webservice-client,.net,Vb.net,Authentication,Certificate,Webservice Client,我正在使用vb.net构建一个web服务客户端。web服务使用ssl、基本身份验证进行保护,并且还需要客户端证书。因此,我在Visual Studio中创建了一个web引用,并提供了凭据: Dim cred As New System.Net.NetworkCredential("usr", "passwd") Dim proxy As New SimpleFromLocal.simple proxy.Credentials = cred Console.WriteLine(proxy.hel

我正在使用vb.net构建一个web服务客户端。web服务使用ssl、基本身份验证进行保护,并且还需要客户端证书。因此,我在Visual Studio中创建了一个web引用,并提供了凭据:

Dim cred As New System.Net.NetworkCredential("usr", "passwd")
Dim proxy As New SimpleFromLocal.simple
proxy.Credentials = cred

Console.WriteLine(proxy.helloWorld())
只要我在服务器端关闭相互身份验证,这就可以正常工作。 我添加了一个客户端证书,如下所示:

Dim cert As X509Certificate = X509Certificate.CreateFromCertFile(certFile)
proxy.ClientCertificates.Add(cert)
已加载证书,但web服务调用失败。我可以发布例外,但它是德语的,这本身就是一个问题。它基本上说:身份验证失败,因为远程站点关闭了连接。 我尝试在服务器端调试ssl握手,但看起来客户端证书没有传输

那么我在这里错过了什么?是否需要在本地计算机上安装客户端证书

编辑:引发的错误:

System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> 
System.IO.IOException: Authentication failed because the remote party has closed the transport stream. 
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.TlsStream.CallProcessAuthentication(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at CCClient.SimpleFromLocal.simple.helloWorld() in C:\TP\CCClient\CCClient\Web References\SimpleFromLocal\Reference.vb:Zeile 90.
at CCClient.Module1.clientWithProxy(NetworkCredential cred, String certFile)
in C:\TP\CCClient\CCClient\Module1.vb:Zeile 53.
终于

这使我尝试使用
X509Certificate2
(注意类名中的2)。我将其与只包含一个证书的PKCS#12密钥库一起使用。以下是我所做的:

创建密钥库文件

我用Java来做这个。创建自签名证书后,需要将其导出为所需格式:

keytool -importkeystore -srckeystore keystore.jks \
        -srcstoretype JKS \
        -destkeystore keystore.pfx \
        -deststoretype PKCS12
注意:将证书导出到文件并直接使用它不起作用

向代理添加客户端证书

Dim proxy As New SimpleFromLocal.simple
Dim cred As New NetworkCredential("usr", "passwd")
Dim cert As New X509Certificate2(certFile, "passwd")
proxy.Credentials = cred
proxy.ClientCertificates.Add(cert)

Console.WriteLine(proxy.helloWorld())
就这样。无论出于何种原因,使用
X509Certificate
相同的设置都会失败。

最后

这使我尝试使用
X509Certificate2
(注意类名中的2)。我将其与只包含一个证书的PKCS#12密钥库一起使用。以下是我所做的:

创建密钥库文件

我用Java来做这个。创建自签名证书后,需要将其导出为所需格式:

keytool -importkeystore -srckeystore keystore.jks \
        -srcstoretype JKS \
        -destkeystore keystore.pfx \
        -deststoretype PKCS12
注意:将证书导出到文件并直接使用它不起作用

向代理添加客户端证书

Dim proxy As New SimpleFromLocal.simple
Dim cred As New NetworkCredential("usr", "passwd")
Dim cert As New X509Certificate2(certFile, "passwd")
proxy.Credentials = cred
proxy.ClientCertificates.Add(cert)

Console.WriteLine(proxy.helloWorld())
就这样。无论出于何种原因,使用
X509Certificate
相同的设置都会失败。

在.NET中,有时需要指定System.NET.ServicePointManager.SecurityProtocol=System.NET.SecurityProtocolType.Ssl3//使用SSL3避免握手问题在.NET中有时需要指定握手System.NET.ServicePointManager.SecurityProtocol=System.NET.SecurityProtocolType.SSL3//使用SSL3避免握手问题