System.Net.WebException通过HTTPS消耗Web服务时抛出 [英] System.Net.WebException thrown when consuming a web service over HTTPS
问题描述
拨打电话使用HTTPS我的应用程序在服务器上运行一个Web服务时抛出的消息System.Net.WebException基础连接已关闭:无法建立与远程服务器的信任关系。我不知道如何解决这个问题,并成功地拨打电话。
经过一番研究,我发现了一个博客由一月Tielens进入这也解释了是怎么回事,和我的问题的方法
当您浏览到一个HTTPS站点,你可能会得到一个对话窗口,询问您是否要信任由Web服务器提供的证书。所以接受证书的责任是由用户处理。让我们回到webservice的情况下,如果你想调用位于一个Web服务器web服务,它使用SSL和HTTPS有问题。当您从代码中调用,也没有对话窗口弹出,并询问您是否信任该证书(幸运的是,因为这将是服务器端的场景很丑陋);也许你会得到以下异常:
类型的未处理的异常
System.Net.WebException
发生在System.dll中结果
附加信息:基础
连接被关闭:无法
建立与
远程信任关系服务器。
块引用>
但是,这种
问题的解决方案,您可以通过在
码解决这个创建您自己的
CertificatePolicy
类(
实现了ICertificatePolicy
接口) 。在这个类中,您将
已经写自己的
CheckValidationResult
的
函数返回真实
或假
,就像你
会按yes或no的对话框
窗口。为发展宗旨我已经
创建以下类
接受所有证书,这样你就不会
获得的肮脏引发WebException
了
块引用>
公共类TrustAllCertificatePolicy:System.Net.ICertificatePolicy
{
酒店的公共TrustAllCertificatePolicy(){}
公共BOOL CheckValidationResult(SP的ServicePoint,X509证书证书,WebRequest的REQ,INT问题),
{
返回真;
}
}
正如你所看到的在
CheckValidationResult
函数总是
返回true,所以所有的证书都将
被信任。如果你想使这个
类一点点更安全,你
可以用
例如X509证书
参数添加额外的检查。
。要使用此CertificatePolicy
,你会
已经告诉ServicePointManager
,来使用它:
块引用>
System.Net.ServicePointManager.CertificatePolicy =新TrustAllCertificatePolicy();
这必须做到(在
应用一次使得
调用Web服务的前生命周期)。
块引用>When making a call to a web service running on a server using HTTPS my application throws a System.Net.WebException with the message "The underlying connection was closed: Could not establish trust relationship with remote server". I'm not sure how to get around this issue and successfully make the call.
解决方案After some research, I found a blog entry by Jan Tielens which explains what is going on and a workaround for my problem:
When you browse to a HTTPS site, you probably get a dialog window asking you if you want to trust the certificate provided by the webserver. So the responsibility of accepting the certificate is handled by the user. Let's get back to the webservice scenario, if you want to invoke a webservice located on a webserver which uses SSL and HTTPS there is a problem. When you make the call from code, there is no dialog window popping up, and asking if you trust the certificate (luckily because this would be pretty ugly in server-side scenarios); probably you'll get following exception:
An unhandled exception of type
System.Net.WebException
occurred in System.dll
Additional information: The underlying connection was closed: Could not establish trust relationship with remote server.But there is a solution for this problem, you can solve this in your code by creating your own
CertificatePolicy
class (which implements theICertificatePolicy
interface). In this class you will have to write your ownCheckValidationResult
function that has to returntrue
orfalse
, like you would press yes or no in the dialog window. For development purposes I've created the following class which accepts all certificates, so you won't get the nastyWebException
anymore:
public class TrustAllCertificatePolicy : System.Net.ICertificatePolicy { public TrustAllCertificatePolicy() { } public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest req, int problem) { return true; } }
As you can see the
CheckValidationResult
function always returns true, so all certificates will be trusted. If you want to make this class a little bit more secure, you can add additional checks using theX509Certificate
parameter for example. To use thisCertificatePolicy
, you'll have to tell theServicePointManager
to use it:
System.Net.ServicePointManager.CertificatePolicy = new TrustAllCertificatePolicy();
This must be done (one time during the application life cycle) before making the call to your webservice.
这篇关于System.Net.WebException通过HTTPS消耗Web服务时抛出的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!