.net错误:内部证书链接错误 [英] .net Error : an internal certificate chaining error
本文介绍了.net错误:内部证书链接错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
嗨朋友们
我正在尝试使用以下代码对文档进行数字签名。
私人 共享 函数符号( ByVal input() As 字节, ByVal 证书作为 X509Certificate2) As Byte ()
' 签名内容
Dim 内容 As ContentInfo = 新 ContentInfo(输入)
' 谁签名
Dim 签名者作为 CmsSigner = 新 CmsSigner(证书)
代表签名邮件
Dim signedMessage 作为 SignedCms = 新 SignedCms(内容)
' 签署消息。
signedMessage.ComputeSignature(签名者)
' 序列化已签名的邮件。
返回 signedMessage.Encode()
结束 功能
私人 共享 功能加密( ByVal cert < span class =code-keyword> As X509Certificate2, ByVal input()作为 字节)作为 字节()
' 加密内容
Dim content As ContentInfo = 新 ContentInfo(输入)
' 代表加密邮件
Dim envelopedMessage As EnvelopedCms = 新 EnvelopedCms(内容)
谁可以解密
Dim 收件人< span class =code-keyword> As CmsRecipient = 新 CmsRecipient(SubjectIdentifierType.SubjectKeyIdentifier, cert)
' 加密邮件。
envelopedMessage.Encrypt(收件人)
' 序列化邮件。
返回 envelopedMessage.Encode()
结束 功能
公共 共享 功能签名( ByVal filename 作为 字符串, ByVal certiID 作为 Int32 )
' 获取文件字节
Dim fileByte() As Byte = System.IO.File.ReadAllBytes(filename)
' 获取证书
Dim ds As System.Data.DataSet = GetCertificate(certiID)
Dim byt()作为 字节 = 新 bal_MstCertificate()。getcertificate(certiID)。表(< span class =code-digit> 0 )。行( 0 )( CertCertificate)
Dim 传递 As 字符串 = 新 bal_MstCertificate()。getcertificate(certiID).Tables( 0 )。行(< span class =code-digit> 0 )( certPassWord)
Dim myCertificate 作为 X509Certificate2 = 新 X509Certificate2(byt,pass)
' 签署数据
Dim signeddata()作为 字节 = sign(fileByte,myCertificate) )
返回加密(myCertificate,signeddata)
结束 功能
在某些机器上它可以工作但是在某些机器上它给了我以下错误
内部证书链接错误我将证书存储在数据库中
请帮我解决这个问题问题
解决方案
需要查看证书链以查看问题。在Windows上,您可以看到应用程序证书管理器,certmgr.msc以查看证书中的错误。请参见 http://technet.microsoft.com/en-us/library/cc787544 %28WS.10%29.aspx [ ^ ]。简而言之,某些证书已在您的系统中注册,受信任,不受信任等。您可以查看证书路径。证书属性颁发者应指向上级证书。证书是根证书,如果它是自己的发行者。如果未遵守此链条规则,您可以看到您报告的问题。
有关详细信息,请参阅:
http://en.wikipedia.org/wiki/Provable_security [ ^ ],
http://en.wikipedia.org/wiki/Public_key_certificate [ ^ ],
http://en.wikipedia.org/wiki/Public_key_infrastructure [ ^ ],
http://en.wikipedia.org/wiki/Certificate_authority [ ^ ];
参见: http://en.wikipedia.org/wiki/Self-signed_certificate [ ^ ]。
-SA
如果您发生了您的发布代码中发生内部证书链接错误此步骤将跟进
1.单击开始> ;运行。
2.输入MMC并单击OK。
3.转到文件>添加/删除管理单元。
4.转到文件>添加/删除管理单元。
5.Click证书,然后选择添加。
6.选择电脑帐户,然后单击下一步。
7.选择本地电脑,然后点击完成。
8.单击确定关闭管理单元窗口。
9.双击证书(本地计算机)以扩展其视图。
10.右击中级证书颁发机构并选择AllTasksàImport。
11.完成向导以导入链证书。浏览以找到要导入的链证书(* .cer)。
12.选择将所有证书放在以下商店中,然后选择中级证书颁发机构商店。 br $>
13.点击下一步;然后单击完成以完成向导。
右键单击中间证书颁发机构,然后选择刷新。展开中级证书颁发机构的视图并查看证书目录以验证证书是否已正确安装。
或点击此链接 http://www.entrust.net/knowledge-base/ technote.cfm?tn = 8166 [ ^ ]
Hi friends
I am trying to digitally sign the documents using the following code.
Private Shared Function sign(ByVal input() As Byte, ByVal certificate As X509Certificate2) As Byte()
'what is signed
Dim content As ContentInfo = New ContentInfo(input)
'who signs
Dim signer As CmsSigner = New CmsSigner(certificate)
' represents a signed message
Dim signedMessage As SignedCms = New SignedCms(content)
'Sign the message.
signedMessage.ComputeSignature(signer)
'Serialize the signed message.
Return signedMessage.Encode()
End Function
Private Shared Function encrypt(ByVal cert As X509Certificate2, ByVal input() As Byte) As Byte()
'what is encrypted
Dim content As ContentInfo = New ContentInfo(input)
'represents an encrypted message
Dim envelopedMessage As EnvelopedCms = New EnvelopedCms(content)
'who can decrypt
Dim recipient As CmsRecipient = New CmsRecipient(SubjectIdentifierType.SubjectKeyIdentifier, cert)
'Encrypt the message.
envelopedMessage.Encrypt(recipient)
'Serialize the message.
Return envelopedMessage.Encode()
End Function
Public Shared Function Signature(ByVal filename As String, ByVal certiID As Int32)
'Getting the File Bytes
Dim fileByte() As Byte = System.IO.File.ReadAllBytes(filename)
'Getting The certificate
Dim ds As System.Data.DataSet = GetCertificate(certiID)
Dim byt() As Byte = New bal_MstCertificate().getcertificate(certiID).Tables(0).Rows(0)("CertCertificate")
Dim pass As String = New bal_MstCertificate().getcertificate(certiID).Tables(0).Rows(0)("certPassWord")
Dim myCertificate As X509Certificate2 = New X509Certificate2(byt, pass)
'Signning the Data
Dim signeddata() As Byte = sign(fileByte, myCertificate)
Return encrypt(myCertificate, signeddata)
End Function
On some machine it works but on Some machine it gives me following error
"an internal certificate chaining error" I am storing my certificate in the database
Please Helpe me in this issue
解决方案
A look at your certificate chain is needed to see the problem. On Windows, you can see the application "Certificate Manager", "certmgr.msc" to see what' wrong in your certificate. See http://technet.microsoft.com/en-us/library/cc787544%28WS.10%29.aspx[^]. In brief, some certificates are registered in your system, trusted, untrusted, etc. You can look at "certificate path". A certificate property "issuer" should point to upper-level certificate. A certificate is a root certificate if its the issuer of itself. If this chain rules are not observed, you can see the problem you report.
For further detail, see:
http://en.wikipedia.org/wiki/Provable_security[^],
http://en.wikipedia.org/wiki/Public_key_certificate[^],
http://en.wikipedia.org/wiki/Public_key_infrastructure[^],
http://en.wikipedia.org/wiki/Certificate_authority[^];
see also: http://en.wikipedia.org/wiki/Self-signed_certificate[^].
—SA
If you occured An internal certificate chaining error has occurred in your publish code this step will be follow- up
1.Click Start > Run.
2.Enter MMC and click OK.
3.Go to File > Add/Remove Snap-in.
4.Go to File > Add/Remove Snap-in.
5.Click Certificates, and select Add.
6.Select Computer Account, and click Next.
7.Select Local Computer and click Finish.
8.Click OK to close the Snap-ins window.
9.Double-click Certificates (local computer) to expand its view.
10.Right-click Intermediate Certification Authorities and select All Tasks àImport.
11.Complete the wizard to import the chain certificate. Browse to locate the chain certificate to be imported (*.cer).
12.Select Place all certificates in the following store and select the Intermediate Certificate Authorities store.
13.Click Next; then click Finish to complete the wizard.
Right-click Intermediate Certification Authorities and select Refresh. Expand the view for Intermediate Certification Authorities and look in the certificates directory to verify that the certificate is installed correctly.
or check this link http://www.entrust.net/knowledge-base/technote.cfm?tn=8166[^]
这篇关于.net错误:内部证书链接错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
