我正在使用NuGet中的Microsoft HTTP Client Libraries,我基本上尝试使用X509Certificate2证书在HttpClient中允许TLS身份验证。
我尝试过像这样创建客户端:
WebRequestHandler certHandler = new WebRequestHandler () {
ClientCertificateOptions = ClientCertificateOption.Manual,
UseDefaultCredentials = false
};
certHandler.ClientCertificates.Add (this.ClientCertificate);
HttpClient client = new HttpClient (certHandler);
但是certHandler.ClientCertificates
失败了,因为这个getter是not implemented in Mono,所以我从那里得到一个NotImplementedException。 (我不确定为什么这仍然是TODO。)
到目前为止,我运气不好。任何想法如何在Mono环境中简单地在HttpClient上设置客户端证书?
答案 0 :(得分:1)
看起来好像只是能够将客户端证书集合传递给CreateWebRequest中的HttpWebRequest,所以由于继承了不起作用,我只是从单声道复制/粘贴了类,添加了实施。
// Copyright (c) 2013 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Net.Cache;
using System.Net.Security;
using System.Security.Principal;
using System.Security.Cryptography.X509Certificates;
namespace System.Net.Http
{
public class WebRequestHandlerWithClientcertificates : HttpClientHandler
{
bool allowPipelining;
RequestCachePolicy cachePolicy;
AuthenticationLevel authenticationLevel;
TimeSpan continueTimeout;
TokenImpersonationLevel impersonationLevel;
int maxResponseHeadersLength;
int readWriteTimeout;
RemoteCertificateValidationCallback serverCertificateValidationCallback;
bool unsafeAuthenticatedConnectionSharing;
private X509CertificateCollection clientCertificates;
public WebRequestHandler ()
{
allowPipelining = true;
authenticationLevel = AuthenticationLevel.MutualAuthRequested;
cachePolicy = System.Net.WebRequest.DefaultCachePolicy;
continueTimeout = TimeSpan.FromMilliseconds (350);
impersonationLevel = TokenImpersonationLevel.Delegation;
maxResponseHeadersLength = HttpWebRequest.DefaultMaximumResponseHeadersLength;
readWriteTimeout = 300000;
serverCertificateValidationCallback = null;
unsafeAuthenticatedConnectionSharing = false;
}
public bool AllowPipelining {
get { return allowPipelining; }
set {
EnsureModifiability ();
allowPipelining = value;
}
}
public RequestCachePolicy CachePolicy {
get { return cachePolicy; }
set {
EnsureModifiability ();
cachePolicy = value;
}
}
public AuthenticationLevel AuthenticationLevel {
get { return authenticationLevel; }
set {
EnsureModifiability ();
authenticationLevel = value;
}
}
public X509CertificateCollection ClientCertificates {
get {
if (clientCertificates==null) {
clientCertificates = new X509CertificateCollection();
}
return clientCertificates;
}
set {
if (value==null) {
throw new ArgumentNullException("value");
}
EnsureModifiability ();
clientCertificates = value;
}
}
[MonoTODO]
public TimeSpan ContinueTimeout {
get { return continueTimeout; }
set {
EnsureModifiability ();
continueTimeout = value;
}
}
public TokenImpersonationLevel ImpersonationLevel {
get { return impersonationLevel; }
set {
EnsureModifiability ();
impersonationLevel = value;
}
}
public int MaxResponseHeadersLength {
get { return maxResponseHeadersLength; }
set {
EnsureModifiability ();
maxResponseHeadersLength = value;
}
}
public int ReadWriteTimeout {
get { return readWriteTimeout; }
set {
EnsureModifiability ();
readWriteTimeout = value;
}
}
[MonoTODO]
public RemoteCertificateValidationCallback ServerCertificateValidationCallback {
get { return serverCertificateValidationCallback; }
set {
EnsureModifiability ();
serverCertificateValidationCallback = value;
}
}
public bool UnsafeAuthenticatedConnectionSharing {
get { return unsafeAuthenticatedConnectionSharing; }
set {
EnsureModifiability ();
unsafeAuthenticatedConnectionSharing = value;
}
}
internal override HttpWebRequest CreateWebRequest (HttpRequestMessage request)
{
HttpWebRequest wr = base.CreateWebRequest (request);
wr.Pipelined = allowPipelining;
wr.AuthenticationLevel = authenticationLevel;
wr.CachePolicy = cachePolicy;
wr.ImpersonationLevel = impersonationLevel;
wr.MaximumResponseHeadersLength = maxResponseHeadersLength;
wr.ReadWriteTimeout = readWriteTimeout;
wr.UnsafeAuthenticatedConnectionSharing = unsafeAuthenticatedConnectionSharing;
// here : maybe wr.ClientCertificates = ClientCertificates if the line below throws an error in your tests
wr.ClientCertificates.Add(ClientCertificates);
return wr;
}
}
}
现在在您的代码中使用WebRequestHandlerWithClientCertificates而不是WebRequestHandler