我已经将IdenTrust的认证安装到我和客户的系统中。但是,只有我的才能正常运行。
我的本地计算机:Window 8,IIS 7.5,.Net v4
我们客户的系统:Windows server 2003,IIS 6,.NET v4。
认证:
版本:V3
签名算法:sha1RSA
签名有算法:sha1
问题:
1. MSDN表示以下操作系统支持该类:Window 7,Windows Vista SP1或更高版本,Windows XP SP3,Windows Server 2008(R2)。这是客户系统无法正常运行的问题吗?
2.我的客户系统正在运行许多产品,因此几乎不可能在不久的将来升级。有办法解决吗?
请给我一些建议。我对这个领域知之甚少。
以下是例外的细节。
2015-04-01 20:09:48,296 [5] INFO - TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Attempting to assign values from the properties file.
2015-04-01 20:09:48,296 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Calling method to retrieve private key.
2015-04-01 20:09:48,296 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Attempting to locate the private key.
2015-04-01 20:09:48,374 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Acquired private key...beginning direct authentication.
2015-04-01 20:09:48,390 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Beginning direct authentication...
2015-04-01 20:09:48,390 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Authenticator service instance created.
2015-04-01 20:09:48,390 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Calling service and requesting challenge...
2015-04-01 20:09:48,906 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Challenge received.
2015-04-01 20:09:48,906 [5] INFO - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Signing challenge...
2015-04-01 20:09:48,906 [5] ERROR - OTPAuthenticator :: directUserPKIAuth :: Failed to successfully create session. Direct authentication failed.
The specified cryptographic algorithm is not supported on this platform.System.PlatformNotSupportedException: The specified cryptographic algorithm is not supported on this platform.
at System.Security.Cryptography.BCryptHashAlgorithm..ctor(CngAlgorithm algorithm, String implementation)
at System.Security.Cryptography.SHA1Cng..ctor()
at TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator.directUserPKIAuth(String systemId, AsymmetricAlgorithm privateKey)
2015-04-01 20:09:48,921 [5] FATAL - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Exception encountered when attempting to authenticate.
Failed to successfully create session. Direct authentication failed. The specified cryptographic algorithm is not supported on this platform.System.PlatformNotSupportedException: The specified cryptographic algorithm is not supported on this platform.
at System.Security.Cryptography.BCryptHashAlgorithm..ctor(CngAlgorithm algorithm, String implementation)
at System.Security.Cryptography.SHA1Cng..ctor()
at TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator.directUserPKIAuth(String systemId, AsymmetricAlgorithm privateKey)TwoFactorAuthentication.com.identrust.otp.authentication.Exceptions.ChallengeFailedException: Failed to successfully create session. Direct authentication failed. The specified cryptographic algorithm is not supported on this platform.System.PlatformNotSupportedException: The specified cryptographic algorithm is not supported on this platform.
at System.Security.Cryptography.BCryptHashAlgorithm..ctor(CngAlgorithm algorithm, String implementation)
at System.Security.Cryptography.SHA1Cng..ctor()
at TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator.directUserPKIAuth(String systemId, AsymmetricAlgorithm privateKey)
at TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator.directUserPKIAuth(String systemId, AsymmetricAlgorithm privateKey)
at TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator.authenticateTwoFactorOTP(String uid, String pwd, String otp)
2015-04-01 20:09:48,921 [5] ERROR - OTPAuthenticator :: TwoFactorAuthentication.com.identrust.otp.authentication.OTPAuthenticator :: Overall result of two-factor authentication (OTP/Pwd): FAILED.
非常感谢。
答案 0 :(得分:0)
Microsoft在Windows Vista和Windows Server 2008中引入了一个名为CNG (Cryptography API: Next Generation)的新加密API。
您尝试使用的软件正在使用使用CNG实现的.NET SHA1Cng类。因此,它不会在Windows Server 2003上运行。
鉴于2015年7月14日extended support ends for Windows Server 2003,建议您计划升级您的操作系统,特别是如果您将其用于安全关键目的。