单WebRequest的失败,HTTPS [英] mono webrequest fails with https
问题描述
我做一个简单的REST客户端在我的C#应用程序使用。在Windows上的.NET它以http伟大工程://和https://连接。 //工作原理:在单2.6.7在Ubuntu 10.10只有HTTP(还与2.8具有相同的结果测试)。 https://开头的连接扔了这个异常的request.GetResponse()方法:
未处理的异常信息:System.Net.WebException :错误获取响应流(写:身份验证或解密失败。):SendFailure ---> System.IO.IOException:认证或解密失败。 ---> Mono.Security.Protocol.Tls.TlsException:从服务器接收证书无效。错误代码:0xffffffff800b010a
在Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates(Mono.Security.X509.X509CertificateCollection证书)[0x00000]上述<文件名不明> 0
。在Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1()[0x00000]上述<文件名未知> 0
。在Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process()[0x00000 ]上述<文件名不明> 0
。在(包装远程-调用,以检查)Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:处理()$ b $在Mono.Security.Protocol湾Tls.ClientRecordProtocol.ProcessHandshakeMessage(Mono.Security.Protocol.Tls.TlsStream handMsg)[0x00000]上述<文件名不明> 0
在Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback(IAsyncResult的asyncResult)0x00000 ]上述<文件名不明> 0
---内部异常堆栈跟踪的结尾---
在Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback(IAsyncResult的asyncResult)[0x00000]上述< ;文件名不明> 0
---内部异常堆栈跟踪---
结束在System.Net.HttpWebRequest.EndGetResponse(IAsyncResult的asyncResult)[0x00000]上述<文件名不明> 0
。在System.Net.HttpWebRequest.GetResponse()[0x00000]上述<文件名不明> 0
我一直没能找到任何方式来解决这个问题。任何人有任何想法,为什么这种情况正在发生,以及如何解决它?
同样,这只有在单声道失败,净似乎并不具备建立连接的任何问题
下面是调用代码:
公共JToken DoRequest(串路径,则params字符串[]参数){
如果){
路径=/+路径(path.StartsWith(/!);
}
串fullUrl = URL +路径+ ToQueryString(参数);如果(DebugUrls)Console.WriteLine
(请求:{0},fullUrl);
的WebRequest请求= HttpWebRequest.CreateDefault(新的URI(fullUrl));使用
(WebResponse的响应= request.GetResponse())
使用(流responseStream = response.GetResponseStream()){
返回ReadResponse(responseStream);
}
}
的在Windows .NET框架使用Windows证书存储(MMC,添加/删除管理单元,证书),以确定是否接受来自远程站点的SSL证书。 Windows附带有一堆的根和中级证书颁发机构(CA)和他们得到的Windows Update定期更新的。这样一来,你的.NET代码通常会信任证书提供它是由CA或CA的证书存储后裔(最有信誉的商业CA的都包括)发行。
在单声道,没有Windows证书存储区。单有它自己的商店。默认情况下,它是空的(没有默认的CA的受信任)。你需要自己管理的条目。
在这里看看:
- 的http://www.mono-project.com/FAQ:_Security
- 的 https://raw.github.com/mono/mono/master/ MCS /班/ Mono.Security /测试/工具/ tlstest / tlstest.cs
的
mozroots.exe点会使你的单声道安装到相信,一个违约后的Firefox安装信任的一切。
I'm making a simple REST client to use in my C# applications. In .net on Windows It works great with http:// and https:// connections. In mono 2.6.7 (Also tested with 2.8 with the same results) on Ubuntu 10.10 only http:// works. https:// connections throw up this exception on the request.GetResponse() method:
Unhandled Exception: System.Net.WebException: Error getting response stream (Write: The authentication or decryption has failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010a
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
I haven't been able to find any way to fix this. Anyone have any idea why this is happening and how to fix it?
Again, this only fails in Mono, .Net doesn't seem to have any problem establishing a connection.
here's the calling code:
public JToken DoRequest(string path, params string[] parameters) {
if(!path.StartsWith("/")) {
path = "/" + path;
}
string fullUrl = url + path + ToQueryString(parameters);
if(DebugUrls) Console.WriteLine("Requesting: {0}", fullUrl);
WebRequest request = HttpWebRequest.CreateDefault(new Uri(fullUrl));
using(WebResponse response = request.GetResponse())
using(Stream responseStream = response.GetResponseStream()) {
return ReadResponse(responseStream);
}
}
The .NET Framework on Windows uses the Windows Certificates store (mmc, Add/Remove Snap-Ins, Certificates) to determine whether to accept an SSL certificate from a remote site. Windows ships with a bunch of Root and Intermediate Certificate Authorities (CA) and they get updated periodically by Windows Update. As a result, your .NET code will generally trust a certificate provided it was issued by a CA or a descendant of a CA in the certificate store (most reputable commercial CA's are included).
In Mono, there is no Windows Certificate store. Mono has it's own store. By default, it is empty (there are no default CA's that are trusted). You need to manage the entries yourself.
Take a look here:
- http://www.mono-project.com/FAQ:_Security
- https://raw.github.com/mono/mono/master/mcs/class/Mono.Security/Test/tools/tlstest/tlstest.cs
The mozroots.exe point will cause your mono install to trust everything that Firefox trusts after a default install.
这篇关于单WebRequest的失败,HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
