System.Net.WebException通过HTTPS消耗Web服务时抛出 [英] System.Net.WebException thrown when consuming a web service over HTTPS

问题描述

拨打电话使用HTTPS我的应用程序在服务器上运行一个Web服务时抛出的消息System.Net.WebException基础连接已关闭：无法建立与远程服务器的信任关系。我不知道如何解决这个问题，并成功地拨打电话。

解决方案

经过一番研究，我发现了一个博客由一月Tielens进入这也解释了是怎么回事，和我的问题的方法

当您浏览到一个HTTPS站点，你可能会得到一个对话窗口，询问您是否要信任由Web服务器提供的证书。所以接受证书的责任是由用户处理。让我们回到webservice的情况下，如果你想调用位于一个Web服务器web服务，它使用SSL和HTTPS有问题。当您从代码中调用，也没有对话窗口弹出，并询问您是否信任该证书（幸运的是，因为这将是服务器端的场景很丑陋）;也许你会得到以下异常：

类型的未处理的异常 System.Net.WebException 发生在System.dll中结果
附加信息：基础
连接被关闭：无法
建立与
远程信任关系服务器。

但是，这种
问题的解决方案，您可以通过在
码解决这个创建您自己的
CertificatePolicy 类（
实现了 ICertificatePolicy
接口） 。在这个类中，您将
已经写自己的
CheckValidationResult 的
函数返回真实或假，就像你
会按yes或no的对话框
窗口。为发展宗旨我已经
创建以下类
接受所有证书，这样你就不会
获得的肮脏引发WebException 了

 公共类TrustAllCertificatePolicy：System.Net.ICertificatePolicy 
 {
酒店的公共TrustAllCertificatePolicy（）{} 
 
公共BOOL CheckValidationResult（SP的ServicePoint，X509证书证书，WebRequest的REQ，INT问题），
 {
返回真; 
} 
} 
  

正如你所看到的在
CheckValidationResult 函数总是
返回true，所以所有的证书都将
被信任。如果你想使这个
类一点点更安全，你
可以用
例如 X509证书参数添加额外的检查。
。要使用此 CertificatePolicy ，你会
已经告诉 ServicePointManager
，来使用它：

  System.Net.ServicePointManager.CertificatePolicy =新TrustAllCertificatePolicy（）; 
  

这必须做到（在
应用一次使得
调用Web服务的前生命周期）。

When making a call to a web service running on a server using HTTPS my application throws a System.Net.WebException with the message "The underlying connection was closed: Could not establish trust relationship with remote server". I'm not sure how to get around this issue and successfully make the call.

解决方案

After some research, I found a blog entry by Jan Tielens which explains what is going on and a workaround for my problem:

When you browse to a HTTPS site, you probably get a dialog window asking you if you want to trust the certificate provided by the webserver. So the responsibility of accepting the certificate is handled by the user. Let's get back to the webservice scenario, if you want to invoke a webservice located on a webserver which uses SSL and HTTPS there is a problem. When you make the call from code, there is no dialog window popping up, and asking if you trust the certificate (luckily because this would be pretty ugly in server-side scenarios); probably you'll get following exception:

An unhandled exception of type System.Net.WebException occurred in System.dll
Additional information: The underlying connection was closed: Could not establish trust relationship with remote server.

But there is a solution for this problem, you can solve this in your code by creating your own CertificatePolicy class (which implements the ICertificatePolicy interface). In this class you will have to write your own CheckValidationResult function that has to return true or false, like you would press yes or no in the dialog window. For development purposes I've created the following class which accepts all certificates, so you won't get the nasty WebException anymore:

public class TrustAllCertificatePolicy : System.Net.ICertificatePolicy
{
    public TrustAllCertificatePolicy() { }

    public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest req, int problem)
    {
        return true;
    }
}

As you can see the CheckValidationResult function always returns true, so all certificates will be trusted. If you want to make this class a little bit more secure, you can add additional checks using the X509Certificate parameter for example. To use this CertificatePolicy, you'll have to tell the ServicePointManager to use it:

System.Net.ServicePointManager.CertificatePolicy = new TrustAllCertificatePolicy();

This must be done (one time during the application life cycle) before making the call to your webservice.

这篇关于System.Net.WebException通过HTTPS消耗Web服务时抛出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！