ForceHttpWebRequesttoSendClientCertificate我有一个p12证书,我是这样加载的:X509KeyStorageFlags.Exportable);它加载正确,事实上如果我做certificate.PrivateKey.ToXmlString(true);它返回一个没有错误的完整xml。但如果我这样做:try{X509Chainchain=newX509Chain();varchainBuilt=chain.Build(证书);Console.WriteLine("链构建状态:"+chainBuilt);if(chainBuilt==false)foreach(X509ChainStatuschainStatusinchain.ChainStatus)Console.WriteLine("链错误:"+chainStatus.Status);}catch(Exceptionex){Console.WriteLine(ex);}它写道:Chainbuildingstatus:FalseChainerror:RevocationStatusUnknownChainerror:OfflineRevocation所以当我这样做时:ServicePointManager.CheckCertificateRevocationList=false;ServicePointManager.ServerCertificateValidationCallback=(a,b,c,d)=>true;ServicePointManager.Expect100Continue=true;Console.WriteLine("connessionea:"+host);HttpWebRequestreq=(HttpWebRequest)WebRequest.Create(host);req.PreAuthenticate=true;req.AllowAutoRedirect=true;req.ClientCertificates.Add(证书);req.Method="POST";req.ContentType="application/x-www-form-urlencoded";stringpostData="登录表单-type=cert";byte[]postBytes=Encoding.UTF8.GetBytes(postData);req.ContentLength=postBytes.Length;StreampostStream=req.GetRequestStream();postStream.Write(postBytes,0,postBytes.Length);postStream.Flush();postStream.Close();WebResponseresp=req.GetResponse();服务器说证书未发送/有效我的问题是:非常感谢。安东尼我解决了这个问题,专注于P12文件(如PFX)包含超过1个证书,因此必须以这种方式加载:X509Certificate2Collectioncertificates=newX509Certificate2Collection();certificates.Import(certName,password,X509KeyStorageFlags.MachineKeySet|X509KeyStorageFlags.PersistKeySet);并以这种方式添加到HttpWebRequest:request.ClientCertificates=certificates;感谢您的支持。完整的示例代码stringhost=@"https://localhost/";stringcertName=@"C:tempcert.pfx";stringpassword=@"密码";尝试{X509Certificate2Collection证书=newX509Certificate2Collection();证书。导入(certName,密码,X509KeyStorageFlags.MachineKeySet|X509KeyStorageFlags.PersistKeySet);ServicePointManager.ServerCertificateValidationCallback=(a,b,c,d)=>true;HttpWebRequestreq=(HttpWebRequest)WebRequest.Create(host);req.AllowAutoRedirect=true;req.ClientCertificates=证书;req.Method="POST";req.ContentType="application/x-www-form-urlencoded";stringpostData="login-form-type=cert";byte[]postBytes=Encoding.UTF8.GetBytes(postData);req.ContentLength=postBytes.Length;流postStream=req.GetRequestStream();postStream.Write(postBytes,0,postBytes.Length);postStream.Flush();postStream.Close();WebResponseresp=req.GetResponse();流流=resp.GetResponseStream();使用(StreamReaderreader=newStreamReader(stream)){stringline=reader.ReadLine();while(line!=null){Console.WriteLine(line);line=reader.ReadLine();}}stream.Close();}catch(Exceptione){Console.WriteLine(e);问题是你是把私钥安装到机器存储上,一般不允许非本地系统账户下运行的进程使用,或者有明确的客户端认证私钥权限您需要在当前用户存储中安装密钥:X509Certificate2certificate=newX509Certificate2(certName,password,X509KeyStorageFlags.UserKeySet|X509KeyStorageFlags.PersistKeySet|X509KeyStorageFlags.Exportable);我使用带有pfx证书的修改版本的代码创建了一个命令行程序,其中包含从IE导出的私钥,我可以验证到安全网站并检索受保护的页面:以上是C#学习教程:ForceHttpWebRequest发送客户端证书分享全部内容,如果对大家有用,需要了解更多C#学习教程,希望大家多多关注—stringhost=@"https://localhost/";stringcertName=@"C:tempcert.pfx";stringpassword=@"密码";尝试{X509Certificate2certificate=newX509Certificate2(certName,password);ServicePointManager.CheckCertificateRevocationList=false;ServicePointManager.ServerCertificateValidationCallback=(a,b,c,d)=>true;ServicePointManager.Expect100Continue=true;HttpWebRequestreq=(HttpWebRequest)Webhost(Create);req.PreAuthenticate=true;req.AllowAutoRedirect=true;req.ClientCertificates.Add(证书);req.Method="POST";req.ContentType="application/x-www-form-urlencoded";tringpostData=“登录表单类型=证书”;byte[]postBytes=Encoding.UTF8.GetBytes(postData);req.ContentLength=postBytes.Length;流postStream=req.GetRequestStream();postStream.Write(postBytes,0,postBytes.Length);postStream.Flush();postStream.Close();WebResponseresp=req.GetResponse();流流=resp.GetResponseStream();使用(StreamReaderreader=newStreamReader(stream)){stringline=reader.ReadLine();while(line!=null){Console.WriteLine(line);line=reader.ReadLine();}}stream.Close();}catch(Exceptione){Console.WriteLine(e);}本文收集自网络,不代表立场。如涉及侵权,请点击右侧联系管理员删除。如有转载请注明出处:
