Security.Authentication.AuthenticationException:根据验证过程,远程证书无效

时间:2013-08-07 11:33:54

标签: asp.net asp.net-mvc

我已经下载了通过https提供API的产品的试用版。目前在我的asp.net mvc Web应用程序中,我正在执行以下操作来执行对产品试用版的API调用: - 

[HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Create(RackJoin rj, FormCollection formValues)
        {
            string controllername = RouteData.Values["controller"].ToString();
            if (ModelState.IsValid)
            {
                var message = "";
                var status = "";
                long assetid = new long();
                XmlDocument doc = new XmlDocument();
                using (var client = new WebClient())
                {
                    var query = HttpUtility.ParseQueryString(string.Empty);
                    foreach (string key in formValues)
                    {
                        query[key] = this.Request.Form[key];
                    }

query["username"] =  System.Web.Configuration.WebConfigurationManager.AppSettings["ApiUserName"];
query["password"] =  System.Web.Configuration.WebConfigurationManager.AppSettings["ApiPassword"];
string apiurl = "https://win-spdev:8400/servlets/AssetServlet";
//code goes here…..
                    var url = new UriBuilder(apiurl);
                    url.Query = query.ToString();

但我会得到以下例外: -

  

发生错误:System.Security.Authentication.AuthenticationException:   根据验证,远程证书无效   程序。在   System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken   消息,AsyncProtocolRequest asyncRequest,异常异常)at   System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken   消息,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartSendBlob(Byte [] incoming,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.ProcessReceivedBlob(Byte []缓冲区,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReadFrame(Byte []缓冲区,Int32   readBytes,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReceiveBlob(Byte []缓冲区,   AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken   消息,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartSendBlob(Byte [] incoming,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.ProcessReceivedBlob(Byte []缓冲区,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReadFrame(Byte []缓冲区,Int32   readBytes,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReceiveBlob(Byte []缓冲区,   AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken   消息,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartSendBlob(Byte [] incoming,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.ProcessReceivedBlob(Byte []缓冲区,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReadFrame(Byte []缓冲区,Int32   readBytes,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartReceiveBlob(Byte []缓冲区,   AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken   消息,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.StartSendBlob(Byte [] incoming,Int32   count,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst,   Byte [] buffer,AsyncProtocolRequest asyncRequest)at   System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult   lazyResult)在System.Net.TlsStream.CallProcessAuthentication(Object   国家)   System.Threading.ExecutionContext.RunInternal(执行上下文   executionContext,ContextCallback回调,对象状态,布尔值   preserveSyncCtx)at   System.Threading.ExecutionContext.Run(执行上下文   executionContext,ContextCallback回调,对象状态,布尔值   preserveSyncCtx)at   System.Threading.ExecutionContext.Run(执行上下文   executionContext,ContextCallback回调,对象状态)at   System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)at   System.Net.TlsStream.Write(Byte []缓冲区,Int32偏移量,Int32大小)at   System.Net.PooledStream.Write(Byte []缓冲区,Int32偏移量,Int32大小)   在System.Net.ConnectStream.WriteHeaders(布尔异步)

请注意,如果我直接从网络浏览器调用API,我可以毫无问题地调用API: 

https://win-spdev:8400/servlets/AssetServlet?username=tmsservice&password=test2test2&assetType=Rack&operation=UpdateAsset&assetName=rack9090909858585&accountName=GROUP&siteName=test%20site&productName=rackproductone

这个问题与API是否超过https有关,因为我在开发机器中使用该产品的试用版,我应该安装有效的证书吗?或者问题与安全认证无关? 感谢

2 个答案:

答案 0 :(得分:28)

问题是您尚未配置有效的SSL证书。由于有效的SSL证书需要花钱,出于开发目的,我猜您使用的是自动签名证书。您可以通过设置Application_Start中的ServerCertificateValidationCallback静态属性来忽略这些错误:

System.Net.ServicePointManager.ServerCertificateValidationCallback += 
    (s, cert, chain, sslPolicyErrors) => true;

注意:避免在生产中这样做。在LIVE上部署时,请确保使用的是有效的SSL证书。

答案 1 :(得分:1)

向Darin Dimitrov致敬...... VB.NET人员可以使用它(在我的网络应用程序' Global.asax.vb中):

Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
System.Net.ServicePointManager.ServerCertificateValidationCallback = Function(s, cert, chain, sslPolicyErrors)
                                                                       Return True
                                                                     End Function
End Sub
相关问题
最新问题