在ASP.NET自托管Web API上配置SSL [英] Configuring SSL on ASP.NET Self-Hosted Web API
问题描述
我正在创建自托管的Web API服务.为了保护它,我已经研究并实现了此文章,如果我使用
I'm creating Self-hosted Web API service. To secure it, I've studied and implemented this article, successfully generated an local SSL Certificate using makecert and my service authenticated and generates tokens fine, if I'm using
http://localhost/webapi/authentication/authenticate
链接,但是当我尝试使用HTTPS访问我的服务时,我在Firefox上得到了关注:
link, but when I try to access my service using HTTPS, I get following on Firefox:
ssl_error_rx_record_too_long
ssl_error_rx_record_too_long
并针对相同的请求,提琴手向我展示了
and for the same request Fiddler shows me:
HTTP/1.1 502 Fiddler-连接失败日期:2013年8月26日,星期一10:44:27 GMT内容类型:text/html;charset = UTF-8连接:关闭时间戳:13:44:27.433
HTTP/1.1 502 Fiddler - Connection Failed Date: Mon, 26 Aug 2013 10:44:27 GMT Content-Type: text/html; charset=UTF-8 Connection: close Timestamp: 13:44:27.433
[Fiddler]与本地主机的套接字连接失败.
失败与server.fiddler.network协商HTTPS连接.https>无法保护本地主机的现有连接.握手由于出现意外的数据包格式而失败.
[Fiddler] The socket connection to localhost failed.
Failed to
negotiate HTTPS connection with server.fiddler.network.https>
Failed to secure existing connection for localhost. The handshake
failed due to an unexpected packet format..
我的自托管配置:
private HttpSelfHostServer _server;
private ExtendedHttpsSelfHostConfiguration _config;
public const string ServiceAddress = "https://localhost/webapi";
_config = new ExtendedHttpsSelfHostConfiguration(ServiceAddress);
_server = new HttpSelfHostServer(_config);
_server.OpenAsync();
其中来自这篇文章的ExtendedHttpSelfHostConfiguration是:
where ExtendedHttpSelfHostConfiguration taken from this post is:
public class ExtendedHttpSelfHostConfiguration : HttpSelfHostConfiguration
{
public ExtendedHttpSelfHostConfiguration(string baseAddress) : base(baseAddress) { }
public ExtendedHttpSelfHostConfiguration(Uri baseAddress) : base(baseAddress) { }
protected override BindingParameterCollection OnConfigureBinding(HttpBinding httpBinding)
{
if (BaseAddress.ToString().ToLower().Contains("https://"))
{
httpBinding.Security.Mode = HttpBindingSecurityMode.Transport;
}
return base.OnConfigureBinding(httpBinding);
}
}
我想念的是什么?预先感谢!
What I'm missing? Thanks in advance!
推荐答案
According to this blog post I've figured out, that I should create an SSL certificate and assign it to specific port (:99 in my case).
我已经创建了本地签名的SSL.然后得到它的缩略图和 ApplicationId .使用CMD命令 netsh (在Win7之前的系统中,有一个 httpcfg 工具),我已将证书分配给了端口
I've created locally signed SSL. Then got it's Thumbprint and ApplicationId. Using CMD command netsh (in pre Win7 systems there is an httpcfg tool), I've assigned my certificate to the port
netsh http add sslcert ipport = 0.0.0.0:99 certhash = 3e49906c01a774c888231e5092077d3d855a6861 appid = {2d6059b2-cccb-4a83-ae08-8ce209c2c5c1}
,其中certhash = SSL Thumbprint,并且appid = ApplicationId 我之前已复制.
netsh http add sslcert ipport=0.0.0.0:99 certhash=3e49906c01a774c888231e5092077d3d855a6861 appid={2d6059b2-cccb-4a83-ae08-8ce209c2c5c1}
, where certhash = SSL Thumbprint, and appid = ApplicationId I've copied earlier.
就这样,现在我可以发出HTTPS请求了!
That's it, now I'm able to make HTTPS requests!
这篇关于在ASP.NET自托管Web API上配置SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!