在Mono上使用自定义SSL客户端证书System.Net.HttpClient

时间:2014-08-25 22:04:18

标签: c# mono dotnet-httpclient

我正在使用NuGet中的Microsoft HTTP Client Libraries,我基本上尝试使用X509Certificate2证书在HttpClient中允许TLS身份验证。

我尝试过像这样创建客户端:

WebRequestHandler certHandler = new WebRequestHandler () {
    ClientCertificateOptions = ClientCertificateOption.Manual,
    UseDefaultCredentials = false
};
certHandler.ClientCertificates.Add (this.ClientCertificate);
HttpClient client = new HttpClient (certHandler);

但是certHandler.ClientCertificates失败了,因为这个getter是not implemented in Mono,所以我从那里得到一个NotImplementedException。 (我不确定为什么这仍然是TODO。)

到目前为止,我运气不好。任何想法如何在Mono环境中简单地在HttpClient上设置客户端证书?

1 个答案:

答案 0 :(得分:1)

看起来好像只是能够将客户端证书集合传递给CreateWebRequest中的HttpWebRequest,所以由于继承了不起作用,我只是从单声道复制/粘贴了类,添加了实施。

// Copyright (c) 2013 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Net.Cache;
using System.Net.Security;
using System.Security.Principal;
using System.Security.Cryptography.X509Certificates;

namespace System.Net.Http
{
    public class WebRequestHandlerWithClientcertificates : HttpClientHandler
    {
        bool allowPipelining;
        RequestCachePolicy cachePolicy;
        AuthenticationLevel authenticationLevel;
        TimeSpan continueTimeout;
        TokenImpersonationLevel impersonationLevel;
        int maxResponseHeadersLength;
        int readWriteTimeout;
        RemoteCertificateValidationCallback serverCertificateValidationCallback;
        bool unsafeAuthenticatedConnectionSharing;
        private X509CertificateCollection clientCertificates;

        public WebRequestHandler ()
        {
            allowPipelining = true;
            authenticationLevel = AuthenticationLevel.MutualAuthRequested;
            cachePolicy = System.Net.WebRequest.DefaultCachePolicy;
            continueTimeout = TimeSpan.FromMilliseconds (350);
            impersonationLevel = TokenImpersonationLevel.Delegation;
            maxResponseHeadersLength = HttpWebRequest.DefaultMaximumResponseHeadersLength;
            readWriteTimeout = 300000;
            serverCertificateValidationCallback = null;
            unsafeAuthenticatedConnectionSharing = false;
        }

        public bool AllowPipelining {
            get { return allowPipelining; }
            set {
                EnsureModifiability ();
                allowPipelining = value;
            }
        }

        public RequestCachePolicy CachePolicy {
            get { return cachePolicy; }
            set {
                EnsureModifiability ();
                cachePolicy = value;
            }
        }

        public AuthenticationLevel AuthenticationLevel {
            get { return authenticationLevel; }
            set {
                EnsureModifiability ();
                authenticationLevel = value;
            }
        }

        public X509CertificateCollection ClientCertificates {
            get {
                if (clientCertificates==null) {
                    clientCertificates = new X509CertificateCollection();
                }
                return clientCertificates;
            }
            set {
                if (value==null) {
                    throw new ArgumentNullException("value");
                }
                EnsureModifiability ();
                clientCertificates = value;
            }
        }

        [MonoTODO]
        public TimeSpan ContinueTimeout {
            get { return continueTimeout; }
            set {
                EnsureModifiability ();
                continueTimeout = value;
            }
        }

        public TokenImpersonationLevel ImpersonationLevel {
            get { return impersonationLevel; }
            set {
                EnsureModifiability ();
                impersonationLevel = value;
            }
        }

        public int MaxResponseHeadersLength {
            get { return maxResponseHeadersLength; }
            set {
                EnsureModifiability ();
                maxResponseHeadersLength = value;
            }
        }

        public int ReadWriteTimeout {
            get { return readWriteTimeout; }
            set {
                EnsureModifiability ();
                readWriteTimeout = value;
            }
        }

        [MonoTODO]
        public RemoteCertificateValidationCallback ServerCertificateValidationCallback {
            get { return serverCertificateValidationCallback; }
            set {
                EnsureModifiability ();
                serverCertificateValidationCallback = value;
            }
        }

        public bool UnsafeAuthenticatedConnectionSharing {
            get { return unsafeAuthenticatedConnectionSharing; }
            set {
                EnsureModifiability ();
                unsafeAuthenticatedConnectionSharing = value;
            }
        }

        internal override HttpWebRequest CreateWebRequest (HttpRequestMessage request)
        {
            HttpWebRequest wr = base.CreateWebRequest (request);

            wr.Pipelined = allowPipelining;
            wr.AuthenticationLevel = authenticationLevel;
            wr.CachePolicy = cachePolicy;
            wr.ImpersonationLevel = impersonationLevel;
            wr.MaximumResponseHeadersLength = maxResponseHeadersLength;
            wr.ReadWriteTimeout = readWriteTimeout;
            wr.UnsafeAuthenticatedConnectionSharing = unsafeAuthenticatedConnectionSharing;
            // here : maybe wr.ClientCertificates = ClientCertificates if the line below throws an error in your tests
            wr.ClientCertificates.Add(ClientCertificates);

            return wr;
        }
    }
}

现在在您的代码中使用WebRequestHandlerWithClientCertificates而不是WebRequestHandler