Fatal编程技术网
  • csharp/
  • C# 客户端证书身份验证错误:";System.IO.IOException:身份验证失败,因为远程方已关闭传输流;

C# 客户端证书身份验证错误:";System.IO.IOException:身份验证失败,因为远程方已关闭传输流;

c#

C# 客户端证书身份验证错误:";System.IO.IOException:身份验证失败,因为远程方已关闭传输流;,c#,client-certificates,C#,Client Certificates,从.Net appclication使用客户端证书的身份验证发送https请求会导致“System.IO.IOException:身份验证失败,因为远程方已关闭传输流”错误 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; var url = "https://yyyyyyyy:8081/xxxxxxxxx; HttpWebRequest request = (HttpWebRequest)HttpWebRequ

从.Net appclication使用客户端证书的身份验证发送https请求会导致“System.IO.IOException:身份验证失败,因为远程方已关闭传输流”错误

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var url = "https://yyyyyyyy:8081/xxxxxxxxx;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
X509Certificate2 cert = new X509Certificate2();
cert.Import("zzzzzz.pfx");
if (!cert.HasPrivateKey) throw new Exception("Certificate has no private key");
request.ClientCertificates.Add(cert);
if (request.ClientCertificates.Count != 1) throw new Exception("Certificate not loaded");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// Bumm!!
相同的请求与t相同的客户端证书适用于postman,也适用于curl

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var url = "https://yyyyyyyy:8081/xxxxxxxxx;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
X509Certificate2 cert = new X509Certificate2();
cert.Import("zzzzzz.pfx");
if (!cert.HasPrivateKey) throw new Exception("Certificate has no private key");
request.ClientCertificates.Add(cert);
if (request.ClientCertificates.Count != 1) throw new Exception("Certificate not loaded");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// Bumm!!
同一个.Net应用程序可在其他环境中运行

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var url = "https://yyyyyyyy:8081/xxxxxxxxx;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
X509Certificate2 cert = new X509Certificate2();
cert.Import("zzzzzz.pfx");
if (!cert.HasPrivateKey) throw new Exception("Certificate has no private key");
request.ClientCertificates.Add(cert);
if (request.ClientCertificates.Count != 1) throw new Exception("Certificate not loaded");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// Bumm!!
未处理的异常:System.Net.WebException:基础连接已关闭:发送时发生意外错误。-->System.IO.IOException:身份验证失败,因为远程方已关闭传输流。

仅供参考,使用curl发出相同的查询没有任何问题:

curl --tlsv1.2 -v \
  --cacert ca_crt.pem \
  --cert cert.pem \
  --key key.pem \
  https://yyyyyyyy:8081/xxxxxxxxx
并使用以下密码套件:

* SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA
解决了!问题是缺少密码“TLS_RSA_WITH_AES_256_CBC_SHA256”(由于安全规则…)

如果查看
WebException的
响应
属性会发生什么?这可能会给您服务器产生的确切错误您是否以正确的权限运行应用程序?你试过在管理员权限下运行它吗?@Martin:我没有得到响应,在我以管理员身份运行它之前引发了异常,没有什么区别。你刚刚救了我的命!