我正在尝试保护我的RESTService,但是当我启用https时,我收到了ERR_CONNECTION_RESET消息!
以下是我生成证书的代码:
ReferenceError这是启动RESTService的代码:
public void generateCert()
{
String certSerial = ConfigDto.loadConfig(ConfigDto.CERT_SERIAL);
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
BackendContext.Current.Log.WriteLine("Search for certificate with serialnumber: " + certSerial);
int count = store.Certificates.Find(X509FindType.FindBySerialNumber, certSerial, false).Count;
if(count == 1)
{
BackendContext.Current.Log.WriteLine("Certificate found");
return;
}
if(count >1)
{
BackendContext.Current.Log.WriteLine("More then one certificate found - remove all!");
store.RemoveRange(store.Certificates.Find(X509FindType.FindBySerialNumber, certSerial, false));
}
using (CryptContext ctx = new CryptContext())
{
ctx.Open();
X509Certificate2 cert = ctx.CreateSelfSignedCertificate(
new SelfSignedCertProperties
{
IsPrivateKeyExportable = true,
KeyBitLength = 4096,
Name = new X500DistinguishedName("cn="+BackendContext.Current.Config.Hostname),
ValidFrom = DateTime.Today.AddDays(-1),
ValidTo = DateTime.Today.AddYears(10),
});
store.Add(cert);
BackendContext.Current.Log.WriteLine("Create certificate with serialnumber: " + cert.SerialNumber);
ConfigDto.saveConfig(ConfigDto.CERT_SERIAL, cert.SerialNumber);
}
store.Close();
}
当我在firefox上打开我的RESTService时,它告诉我,网站无法加载,因为他无法验证收到的数据。
我认为我没有正确创建证书。
有什么想法吗?
答案 0 :(得分:0)
您可以使用它来验证您的SSL设置(确保将此YOUR_WEB_SERVICEURL_HERE替换为您的网址):
https://www.ssllabs.com/ssltest/analyze.html?d=[YOUR_WEB_SERVICEURL_HERE]&hideResults=on