Unable to establish a connection from a C# app to node.js using a client certificate

Time: 2016-01-13 16:51:19

Tags: c# ssl

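I have a C# application that connects to a local node.js simulator over TLS using a client certificate. I connected to the simulator successfully from Firefox, so I think it is working correctly. But every time I try to connect from the application, an exception is thrown: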

System.AggregateException: One or more errors occurred. ---> 
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> 
System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. 

I enabled tracing by adding this to app.config:

<system.diagnostics>
  <trace autoflush="true" />
  <sources>
    <source name="System.Net" maxdatasize="1024">
      <listeners>
        <add name="MyTraceFile"/>
      </listeners>
    </source>
  </sources>
  <sharedListeners>
    <add name="MyTraceFile" type="System.Diagnostics.TextWriterTraceListener" initializeData="System.Net.trace.log" />
  </sharedListeners>
  <switches>
    <add name="System.Net" value="Verbose" />
  </switches>
</system.diagnostics>

The content of the trace file for each connection looks like this:

System.Net Information: 0 : [3176] Current OS installation type is 'Client'.
System.Net Verbose: 0 : [6388] HttpWebRequest#26277487::HttpWebRequest(https://127.0.0.1:9443/redfish/v1#-1567912745)
System.Net Verbose: 0 : [6388] Exiting HttpWebRequest#26277487::HttpWebRequest() 
System.Net Verbose: 0 : [6388] HttpWebRequest#26277487::HttpWebRequest(uri: 'https://127.0.0.1:9443/redfish/v1', connectionGroupName: '52919584')
System.Net Verbose: 0 : [6388] Exiting HttpWebRequest#26277487::HttpWebRequest() 
System.Net Verbose: 0 : [6388] ServicePoint#10100579::ServicePoint(127.0.0.1:9443)
System.Net Information: 0 : [6388] Associating HttpWebRequest#26277487 with ServicePoint#10100579
System.Net Verbose: 0 : [6072] HttpWebRequest#26277487::BeginGetResponse()
System.Net Information: 0 : [6072] Associating Connection#22724141 with HttpWebRequest#26277487
System.Net Verbose: 0 : [6072] Exiting HttpWebRequest#26277487::BeginGetResponse()  -> ContextAwareResult#61012356
System.Net Information: 0 : [8276] Connection#22724141 - Created connection from 127.0.0.1:61743 to 127.0.0.1:9443.
System.Net Information: 0 : [8276] TlsStream#21173642::.ctor(host=127.0.0.1, #certs=1)
System.Net Information: 0 : [8276] Associating HttpWebRequest#26277487 with ConnectStream#2172044
System.Net Information: 0 : [8276] HttpWebRequest#26277487 - Request: GET /redfish/v1 HTTP/1.1

System.Net Information: 0 : [8276] ConnectStream#2172044 - Sending headers
{
Host: 127.0.0.1:9443
Connection: Keep-Alive
}.
System.Net Information: 0 : [8276] SecureChannel#24341498::.ctor(hostname=127.0.0.1, #clientCertificates=1, encryptionPolicy=RequireEncryption)
System.Net Information: 0 : [8276] Enumerating security packages:
System.Net Information: 0 : [8276]     Negotiate
System.Net Information: 0 : [8276]     NegoExtender
System.Net Information: 0 : [8276]     Kerberos
System.Net Information: 0 : [8276]     NTLM
System.Net Information: 0 : [8276]     TSSSP
System.Net Information: 0 : [8276]     pku2u
System.Net Information: 0 : [8276]     LiveSSP
System.Net Information: 0 : [8276]     WDigest
System.Net Information: 0 : [8276]     Schannel
System.Net Information: 0 : [8276]     Microsoft Unified Security Protocol Provider
System.Net Information: 0 : [8276]     CREDSSP
System.Net Information: 0 : [8276] SecureChannel#24341498 - Attempting to restart the session using the user-provided certificate: [Version]
  V1

[Subject]
  C=PL, S=Pomorskie, L=GDN, O=Company, CN=localhost
  Simple Name: localhost
  DNS Name: localhost

[Issuer]
  CN=localhost, O=Company, L=GDN, S=3City, C=PL
  Simple Name: localhost
  DNS Name: localhost

[Serial Number]
  00DA4A8EB63CBBF520

[Not Before]
  2015-12-15 10:09:14

[Not After]
  2018-06-02 11:09:14

[Thumbprint]
  57A9E63FFBE670739443ACFC3D2A1879B894769D

[Signature Algorithm]
  sha256ECDSA(1.2.840.10045.4.3.2)

[Public Key]
  Algorithm: ECC
  Key Blob: 04 88 a8 fc be ad 02 6c 48 68 42 11 4c 03 87 f9 e6 fb 4c 74 97 e2 0b 13 5a 09 c2 62 3f 15 a2 ac b1 7f 24 d0 d5 97 37 cb 85 79 12 e9 71 13 ab e7 8e ef 79 ec d7 c5 dc b9 6c a6 2b d5 c1 e7 c4 77 08
  Parameters: 06 08 2a 86 48 ce 3d 03 01 07

[Private Key]
  Key Store: User
  Provider Name: Microsoft Software Key Storage Provider
  Provider type: 0
  Key Spec: 0
  Key Container Name: {216ECC81-B114-48F9-AA62-0A1FE8B2ECDB}
.
System.Net Information: 0 : [8276] SecureChannel#24341498 - Left with 1 client certificates to choose from.
System.Net Information: 0 : [8276] SecureChannel#24341498 - Trying to find a matching certificate in the certificate store.
System.Net Information: 0 : [8276] SecureChannel#24341498 - Locating the private key for the certificate: [Version]
  V1

[Subject]
  C=PL, S=Pomorskie, L=GDN, O=Company, CN=localhost
  Simple Name: localhost
  DNS Name: localhost

[Issuer]
  CN=localhost, O=Company, L=GDN, S=3City, C=PL
  Simple Name: localhost
  DNS Name: localhost

[Serial Number]
  00DA4A8EB63CBBF520

[Not Before]
  2015-12-15 10:09:14

[Not After]
  2018-06-02 11:09:14

[Thumbprint]
  57A9E63FFBE670739443ACFC3D2A1879B894769D

[Signature Algorithm]
  sha256ECDSA(1.2.840.10045.4.3.2)

[Public Key]
  Algorithm: ECC
  Key Blob: 04 88 a8 fc be ad 02 6c 48 68 42 11 4c 03 87 f9 e6 fb 4c 74 97 e2 0b 13 5a 09 c2 62 3f 15 a2 ac b1 7f 24 d0 d5 97 37 cb 85 79 12 e9 71 13 ab e7 8e ef 79 ec d7 c5 dc b9 6c a6 2b d5 c1 e7 c4 77 08
  Parameters: 06 08 2a 86 48 ce 3d 03 01 07

[Private Key]
  Key Store: User
  Provider Name: Microsoft Software Key Storage Provider
  Provider type: 0
  Key Spec: 0
  Key Container Name: {216ECC81-B114-48F9-AA62-0A1FE8B2ECDB}
.
System.Net Information: 0 : [8276] SecureChannel#24341498 - Certificate is of type X509Certificate2 and contains the private key.
System.Net Information: 0 : [8276] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent  = Outbound, scc     = System.Net.SecureCredential)
System.Net Information: 0 : [8276] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = 127.0.0.1, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [8276] InitializeSecurityContext(In-Buffer length=0, Out-Buffer length=137, returned code=ContinueNeeded).
System.Net Information: 0 : [8276] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 58f20568b0:5d9d6c7de0, targetName = 127.0.0.1, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [8276] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
System.Net Error: 0 : [8276] Exception in HttpWebRequest#26277487:: - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Verbose: 0 : [8276] HttpWebRequest#26277487::EndGetResponse()
System.Net Error: 0 : [8276] Exception in HttpWebRequest#26277487::EndGetResponse - The request was aborted: Could not create SSL/TLS secure channel..

The message returned code=ContinueNeeded seems to be returning a 100 Continue code, so after a bit of research I added the following lines:

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

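However, it did not solve the problem, so I am back to square one, with only the returned code=IllegalMessage information. So my question is: what am I doing wrong?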

0 answers:

No answers
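A triage helper for the System.Net trace shown in the question, added here as an example and not part of the original post. The `returned code=` values on the `InitializeSecurityContext` lines are SSPI handshake statuses from Schannel (`ContinueNeeded` is `SEC_I_CONTINUE_NEEDED`, `IllegalMessage` is `SEC_E_ILLEGAL_MESSAGE`), not HTTP status codes. The function name, the mapping table and the abridged sample are assumptions of this example.

```python
import re

# System.Net trace code -> (SSPI status name, meaning). The SSPI names are standard;
# the mapping table itself is part of this added example.
SSPI = {
    "OK": ("SEC_E_OK", "handshake complete"),
    "ContinueNeeded": ("SEC_I_CONTINUE_NEEDED",
                       "normal mid-handshake: token sent, waiting for the peer"),
    "IllegalMessage": ("SEC_E_ILLEGAL_MESSAGE",
                       "Schannel rejected the handshake message from the peer"),
}
ISC = re.compile(r"InitializeSecurityContext\(In-Buffers? (?:length|count)=\d+, "
                 r"Out-Buffer length=(\d+), returned code=(\w+)\)")
SIG_ALG = re.compile(r"\[Signature Algorithm\]\s*\n\s*(\S+)")
ERROR = re.compile(r"^System\.Net Error: .*? - (.+?)\.*$", re.M)

# Abridged from the trace in the question above.
SAMPLE_TRACE = """\
System.Net Information: 0 : [8276] SecureChannel#24341498::.ctor(hostname=127.0.0.1, #clientCertificates=1, encryptionPolicy=RequireEncryption)
[Signature Algorithm]
  sha256ECDSA(1.2.840.10045.4.3.2)
System.Net Information: 0 : [8276] InitializeSecurityContext(In-Buffer length=0, Out-Buffer length=137, returned code=ContinueNeeded).
System.Net Information: 0 : [8276] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
System.Net Error: 0 : [8276] Exception in HttpWebRequest#26277487:: - The request was aborted: Could not create SSL/TLS secure channel..
"""

def summarize_handshake(trace):
    """Return the ordered SSPI steps, the first failing step, and cert/error context."""
    steps = []
    for out_len, code in ISC.findall(trace):
        name, meaning = SSPI.get(code, (code, "not mapped in this example"))
        steps.append({"code": code, "sspi": name, "meaning": meaning,
                      "bytes_out": int(out_len)})
    # SEC_I_* codes are informational; any SEC_E_* other than SEC_E_OK is a failure.
    failed = next((i for i, s in enumerate(steps, 1)
                   if s["sspi"].startswith("SEC_E_") and s["sspi"] != "SEC_E_OK"), None)
    sig, err = SIG_ALG.search(trace), ERROR.search(trace)
    return {"steps": steps, "failed_step": failed,
            "client_cert_sig_alg": sig.group(1) if sig else None,
            "error": err.group(1) if err else None}

if __name__ == "__main__":
    for key, value in summarize_handshake(SAMPLE_TRACE).items():
        print(key, "=", value)
```

On this trace, step 1 emits the 137-byte first handshake token and returns the normal continue status; the failure is at step 2, when Schannel processes the server's reply.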