Question

想象一下，你有两个应用程序，A＆amp; B，在同一个Web服务器上运行。您希望应用A通过SSL在应用B上调用webService。

是否可以使用https://localhost/appsB/webService1等地址执行此操作？

如何在没有客户端（如浏览器？）的情况下完成SSL握手？它实际上在使用此地址http://localhost/appsB/webService1时有效，而不是在SSL模式下。

但是，在调用https://localhost/appsB/webService1时，服务器和浏览器之间的HTTPS也可以正常工作。

现在，奇怪的是它有时会工作，但在使用HTTPS调用应用B上的webService时随机失败。使用HTTP它总是有效。

我的测试是在IIS7.0上使用来自Thawte的有效ssl证书，并且应用程序B不需要SSL选项。

以下是我的代码的例子：

string baseAddress = "http://localhost";
//or string baseAddress = "https://localhost";
var baseUri = new Uri(baseAddress);
//final url for appB
finalUrl = baseAddress + httpContext.Current.Request.ApplicationPath.TrimEnd('/') + "/" + url;
//Add a cookie to retrieve good contexte on appB
var cookieContainer = new CookieContainer();
using (var handler = new HttpClientHandler() { CookieContainer = cookieContainer })
using (var client = new HttpClient(handler) { BaseAddress = baseUri })
{
  cookieContainer.Add(baseUri, new Cookie("ASP.NET_SessionId", HttpContext.Current.Session.SessionID));
  HttpResponseMessage response = client.GetAsync(finalUrl).Result;
  Dictionary<string, dynamic> sData;
if (response.IsSuccessStatusCode)
{
    etc, etc..
}

Answer 1

您所要做的就是在服务器A中创建一个https客户端，以便与自己交谈。以下是我的代码。就我而言，服务器A中的客户端与服务器A上的Web服务器接口进行通信。在这种情况下，我正在测量服务器的延迟性能。

// Get Administration Server Status
    public String adminServerStatus() {

        uri = "https://" + "localhost" + ":" + adminserverport + "/home";
        result = "grn";
        adminlatency = 0;

        // Build httpHeader entity
        HttpHeaders headers = new HttpHeaders();
        HttpEntity<String> httpentity = new HttpEntity<String>(headers);

        try {

            // Build the httpClient
            TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
            SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                .loadTrustMaterial(null, acceptingTrustStrategy)
                .build();

            SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
            CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLSocketFactory(csf)
                .build();

            // Build httpClient template
            HttpComponentsClientHttpRequestFactory requestFactory =
                new HttpComponentsClientHttpRequestFactory();
            requestFactory.setHttpClient(httpClient);               
            RestTemplate template = new RestTemplate(requestFactory);

            // Now go fire client status request & get latency duration
            timenow = System.currentTimeMillis();
            ResponseEntity<String> httpresult = template.exchange(uri, HttpMethod.GET, httpentity, String.class);
            adminlatency = System.currentTimeMillis() - timenow;

            HttpStatus statuscode = httpresult.getStatusCode();
            if (statuscode != HttpStatus.OK) {
                result = "yel";
                adminlatency = 0;
            }

            httpClient.close();

        // Error Caught
        } catch (Exception e) {
            result = "red";
            adminlatency = 0;
        }

        return result;
    }

Web服务器是否可以向自己发出HTTPS请求？

1 个答案: