使用 SSL 从 C# 应用程序调用 WebService [英] Call WebService from C# application using SSL

问题描述

在我的 C# 桌面应用程序中，我调用了用 php 开发的 Web 服务.我可以有CA文件.我不知道如何通过 SSL 调用 Web 服务并对证书进行身份验证.我必须通过服务器传递什么以及从服务器进行身份验证的响应中期望什么?老实说，我不知道.

In my C# desktop application, I am calling web services developed in php. I can have the CA file. I don't know how to call the web service via SSL and authenticating the certificate. What do I have to pass the server and what to expect in response form the server for authenticating ? Honestly I have no idea.

引用自:http://weblogs.asp.net/jan/存档/2003/12/04/41154.aspx

//在调用 web 服务之前System.Net.ServicePointManager.CertificatePolicy = new MyPolicy();

// Before calling web service System.Net.ServicePointManager.CertificatePolicy = new MyPolicy();

public class MyPolicy : ICertificatePolicy
{
    X509Certificate clientCert = null;

    public MyPolicy() {
        clientCert = X509Certificate.CreateFromSignedFile(HTTPUtility.CERT_FILE);
    }

    public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
    {
        Console.WriteLine("********* Into CheckValidationResult : " + certificate.ToString());

        Console.WriteLine("####### Client Certificate : " + clientCert.ToString() + "\n" + "Subject = " + clientCert.Subject);
        Console.WriteLine("Issuer : " + clientCert.Issuer + "\n Seral No : " + clientCert.GetSerialNumberString());
        Console.WriteLine("Not Before : " + clientCert.GetEffectiveDateString() +" \n Not After : " + clientCert.GetExpirationDateString());
        Console.WriteLine("Thumb Print : " + clientCert.GetPublicKeyString());
        Console.WriteLine("######## EQuals SERVER CERT : " + clientCert.Equals(certificate));

        // Force to return true
        return true;
    }
}

以上检查方法是否正确?如果不是为什么，什么是解决方案.我也收到此警告'System.Net.ServicePointManager.CertificatePolicy' 已过时:'CertificatePolicy 对于此类型已过时，请改用 ServerCertificateValidationCallback.".

Is the above method of checking correct ? If not why and what can be the solution. I also get this warning "'System.Net.ServicePointManager.CertificatePolicy' is obsolete: 'CertificatePolicy is obsoleted for this type, please use ServerCertificateValidationCallback instead.".

这样我怎么知道 CheckValidationResult() 是否返回 false ?

With this how can I know if the CheckValidationResult() returned false ?

非常感谢任何帮助.

谢谢

推荐答案

您是否尝试过按照过时消息中的建议使用 ServerCertificateValidationCallback?例如，您可以向现有的 MyPolicy 类添加如下所示的方法:

Have you tried using ServerCertificateValidationCallback as recommended in the obsolescence message? For example, you could add a method like the following to your existing MyPolicy class:

public bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    Console.WriteLine(sslPolicyErrors);  // Or whatever you want to do...
    return true;
}

完成后，您可以替换现有的

Once that's done, you could replace your existing

System.Net.ServicePointManager.CertificatePolicy = new MyPolicy();

以下内容:

MyPolicy policy = new MyPolicy();
System.Net.ServicePointManager.ServerCertificateValidationCallback = policy.ValidateServerCertificate;

这篇关于使用 SSL 从 C# 应用程序调用 WebService的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！