C# Android Http客户端,允许我从密钥库添加客户端证书
我正在尝试添加通过此方法获得的客户端证书:C# Android Http客户端,允许我从密钥库添加客户端证书,c#,android,xamarin.android,certificate,x509certificate,C#,Android,Xamarin.android,Certificate,X509certificate,我正在尝试添加通过此方法获得的客户端证书: private X509Certificate[] GetCertificateChain(string alias) { try { return KeyChain.GetCertificateChain(this, alias); } catch (KeyChainException e) { }
private X509Certificate[] GetCertificateChain(string alias)
{
try
{
return KeyChain.GetCertificateChain(this, alias);
}
catch (KeyChainException e)
{
}
return null;
}
System.Net.Http.HttpClientHandler不允许我添加客户端证书。引发NotImplemented异常。有解决办法吗?可能是其他Http客户端?您需要扩展
AndroidClientHandler
并覆盖ConfigureCustomSSLSocketFactory
public class HttpsClientHandler : AndroidClientHandler
{
private static readonly Logger LOG = LogManager.GetLogger();
private SSLContext sslContext;
private readonly ITrustManager[] trustManagers;
private IKeyManager[] keyManagers = null;
public HttpsClientHandler() : base()
{
trustManagers = GetTrustManagers();
sslContext = GetSSLContext();
}
private SSLContext GetSSLContext()
{
string protocol;
if (SslProtocols == SslProtocols.Tls11)
{
protocol = "TLSv1.1";
} else if (SslProtocols == SslProtocols.Tls || SslProtocols == SslProtocols.Tls12)
{
protocol = "TLSv1.2";
} else
{
throw new IOException("unsupported ssl protocol: " + SslProtocols.ToString());
}
SSLContext ctx = SSLContext.GetInstance(protocol);
ctx.Init(keyManagers, trustManagers, null);
return ctx;
}
public new SslProtocols SslProtocols { get; set; } = SslProtocols.Tls12;
public void SetClientCertificate(byte[] pkcs12, char[] password)
{
keyManagers = GetKeyManagersFromClientCert(pkcs12, password);
SSLContext newContext = GetSSLContext();
sslContext = newContext;
}
private ITrustManager[] GetTrustManagers()
{
TrustManagerFactory trustManagerFactory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
trustManagerFactory.Init((KeyStore)null);
return trustManagerFactory.GetTrustManagers();
}
private IKeyManager[] GetKeyManagersFromClientCert(byte[] pkcs12, char[] password)
{
if (pkcs12 != null)
{
using (MemoryStream memoryStream = new MemoryStream(pkcs12))
{
KeyStore keyStore = KeyStore.GetInstance("pkcs12");
keyStore.Load(memoryStream, password);
KeyManagerFactory kmf = KeyManagerFactory.GetInstance("x509");
kmf.Init(keyStore, password);
return kmf.GetKeyManagers();
}
}
return null;
}
protected override SSLSocketFactory ConfigureCustomSSLSocketFactory(HttpsURLConnection connection)
{
SSLSocketFactory socketFactory = sslContext.SocketFactory;
if (connection != null)
{
connection.SSLSocketFactory = socketFactory;
}
return socketFactory;
}
}
这段代码与您的描述不符。添加更多。您的HttpClient,如何添加您的证书,引发错误的位置,确切的错误消息是什么样的。。。ClientCertificates方法只有get方法您可以尝试
handler.ClientCertificates.Add(cer)代码>?让我知道它是否有效。Jack Hua,NotImplemented Exception是Thrown请参见字节[]pkcs12是PrivateKey的值?我使用client.badsl.com页面测试集证书,但这不正确work@K.这段代码是我的一个程序的一个片段。原始代码还支持自定义CA,在我上次测试它时工作良好。因此,如果您在使用它时遇到问题,您应该在问题中添加更新,说明您做了什么以及结果是什么?原始证书数据什么是加密的?它是pkcs1.2密钥库的原始字节,包含THW证书和私钥。http协议的底层实现将根据SSL握手选择正确的证书。