错误:C# 底层连接已关闭:无法为 SSL/TLS 安全通道建立信任关系
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11222759/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error: C# The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
提问by Roger G
I'm trying to make a request via SSL. The certificate is already installed on the machine and it works via browser.
我正在尝试通过 SSL 发出请求。证书已经安装在机器上,它可以通过浏览器工作。
I am using this request:
我正在使用这个请求:
System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] data = encoding.GetBytes(request.Content.OuterXml.ToString());
string password = "XXXX";
X509Certificate2 cert = new X509Certificate2("c:\zzzz.p12", password);
string key = cert.GetPublicKeyString();
string certData = Encoding.ASCII.GetString(cert.Export(X509ContentType.Cert));
Uri uri = new Uri(request.Url);
HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(uri);
myRequest.Credentials = new NetworkCredential(request.User, request.Password.ToString());
myRequest.Method = "PUT";
myRequest.ContentType = request.ContentType;
myRequest.ContentLength = data.Length;
myRequest.ClientCertificates.Add(cert);
Stream newStream = myRequest.GetRequestStream();
newStream.Write(data, 0, data.Length);
newStream.Close();
System.IO.StreamReader st = new StreamReader(((HttpWebResponse)myRequest.GetResponse()).GetResponseStream());
Using this code I get this error:
使用此代码我收到此错误:
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
底层连接已关闭:无法为 SSL/TLS 安全通道建立信任关系。---> System.Security.Authentication.AuthenticationException: 根据验证程序,远程证书无效。
What is the problem?
问题是什么?
采纳答案by Roger G
I solved the problem with this:
我用这个解决了这个问题:
ServicePointManager.ServerCertificateValidationCallback = new
RemoteCertificateValidationCallback
(
delegate { return true; }
);
回答by Vladik Branevich
This is client code, right? And you're accessing an HTTPS url, aren't you? I think the problem is with the server certificate, which the client-side TLS stack cannot validate. When you connect to that URL via browser, does it work smoothly or do you see a warning on certificate mismatch?
这是客户端代码,对吧?而且您正在访问 HTTPS 网址,不是吗?我认为问题在于服务器证书,客户端 TLS 堆栈无法验证。当您通过浏览器连接到该 URL 时,它是否运行顺利,或者您是否看到证书不匹配的警告?
回答by bvgheluwe
Make sure your certificate is properly trusted. Has the root certificate been added to the correct certificate store (Trusted Root CA's on Local Machine)?
确保您的证书受到正确信任。根证书是否已添加到正确的证书存储区(本地计算机上的受信任根 CA)?
I encountered this error when the (own made) root certificate for a (self signed) certificate had been added to the Trusted Root CA's for Current User). Moving the root cert to the Root CA store on Local Machine solved my issue.
当(自签名)证书的(自己制作的)根证书已添加到当前用户的受信任根 CA 时,我遇到了此错误。将根证书移动到本地机器上的根 CA 存储解决了我的问题。
