C#

时间:2017-06-18 17:39:16

标签: c# powershell ssl automation

我有一个三星智能交流电(热泵/迷你分体),并希望对它进行一些自动化。我的Android手机上有一个APP。 通过研究很多我发现我可以用OpenSSL.exe来控制我的AC:

openssl.exe s_client -connect 192.168.1.154:2878

然后在建立连接后,我可以复制/粘贴它:

"<Request Type="AuthToken"><User Token="16968012-2892-M993-N707-3738REMOVED" /></Request>"
"<Request Type="DeviceControl"><Control CommandID="cmd11111" DUID="7825ADREMOVED"><Attr ID="AC_FUN_POWER" Value="On" /></Control></Request>"

然后AC开启。

问题在于我无法自动执行任务,因为我必须等待已建立连接,然后复制/粘贴请求。 Openssl.exe似乎没有采用我可以使用的任何参数。

我在Powershell中尝试过使用Invoke-WebRequest / RestMethod,但是我收到了SSL / TLS错误。我也尝试过C#,但结果相同。

public static bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
    {
        return true;
    }
    static void Main(string[] args)
    {

        ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
        Uri uri = new Uri("https://192.168.1.154:2878");
        WebRequest webRequest = WebRequest.Create(uri);
        WebResponse webResponse = webRequest.GetResponse();
        webResponse.GetResponseStream();

        Console.Read();

    }

给我这个错误

The request was aborted: Could not create SSL/TLS secure channel.

因为您可以看到我甚至无法使用C#GET /连接到AC而不会收到SSL错误。

我无法弄清楚&#39; Openssl.exe s_client&#39;自从它起作用。任何人都可以开导我吗?

更新 OpenSSL的输出:


    C:\Program Files (x86)\GnuWin32\bin>openssl.exe s_client -connect 192.168.1.154:2878
    Loading 'screen' into random state - done
    CONNECTED(0000017C)
    depth=0 /C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
    verify error:num=20:unable to get local issuer certificate
    verify return:1
    depth=0 /C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
    verify error:num=21:unable to verify the first certificate
    verify return:1
    ---
    Certificate chain
     0 s:/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
       i:/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    MIIDdDCCAt2gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCS1Ix
    DjAMBgNVBAcTBVN1d29uMRwwGgYDVQQKExNTYW1zdW5nIEVsZWN0cm9uaWNzMRsw
    GQYDVQQLExJEaWdpdGFsIEFwcGxpY2FuY2UxEDAOBgNVBAMTB2EyODc4NDgxJTAj
    BgkqhkiG9w0BCQEWFm1vd2Vvbi5sZWVAc2Ftc3VuZy5jb20wHhcNNzAwMTAxMDkw
    MDE2WhcNNzAwMjAxMDkwMDE2WjCBkTELMAkGA1UEBhMCS1IxDjAMBgNVBAcTBVN1
    d29uMRwwGgYDVQQKExNTYW1zdW5nIEVsZWN0cm9uaWNzMRswGQYDVQQLExJEaWdp
    dGFsIEFwcGxpY2FuY2UxEDAOBgNVBAMTB2EyODc4NDgxJTAjBgkqhkiG9w0BCQEW
    Fm1vd2Vvbi5sZWVAc2Ftc3VuZy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
    AoGBANWEclyhZblo3TwG39hFVZK+LHTICEbgWwHQdAx1RwLFvIgsTFlgHu8Hb0fC
    AN2Wknx5vb0ks355PycY/xlUY6Rmr3eSU34undtt7jE1K0OYeasUOvxpXyBtmSo6
    72YtDSN6rh3F6SgOKrUVsQFDCJ2V5CQHxKyH5FFwAmcHUbjzAgMBAAGjgdkwgdYw
    CQYDVR0TBAIwADAkBglghkgBhvhCAQ0EFxYVIlNhbXN1bmcgZWxlY3Ryb25pY3Mi
    MB0GA1UdDgQWBBTdhKfUKlp5ocnU6K9BF4smWiDPbzBfBgNVHSMEWDBWoUmkRzBF
    MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
    ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkggkAvwoLvHnlSoIwCwYDVR0PBAQDAgUgMBYG
    A1UdEQQPMA2CC3NhbXN1bmcuY29tMA0GCSqGSIb3DQEBBQUAA4GBAHfi+2JxtpvO
    6MFZReZkXg+GMOt2UEPqFKpeJGCRdCoKnEmvBMUsp8PaopZ6uy/Z3V4FIhP/wcUv
    fC1+feizmZkzO3ixThJH6zo3edEjZAA7KBj+ecfLYd/PTXkAfIJFM9RlCfAkbbbc
    gGSDyBpGJ4wJHhB91bjK8qamUw5LJJrY
    -----END CERTIFICATE-----
    subject=/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
    issuer=/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/emailAddress=moweon.lee@samsung.com
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 1212 bytes and written 202 bytes
    ---
    New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Server public key is 1024 bit
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : TLSv1
        Cipher    : DHE-RSA-AES256-SHA
        Session-ID: D4576CA26103343877505F0B1726833E7F3C76481EFD01233EF21B482C4D4FBA
        Session-ID-ctx:
        Master-Key: 7609462DC362B422115C370DA282106208842119047CF97F384F3E1B5079AF5CE72A5CF9FA35A41C2D67400672E70CAE
        Key-Arg   : None
        Start Time: 1498081620
        Timeout   : 300 (sec)
        Verify return code: 21 (unable to verify the first certificate)
    ---
    DRC-1.00
    

    closed

1 个答案:

答案 0 :(得分:1)

您遇到的问题很可能是SSL / TLS协议的版本。

你的回调是对的。

如果您的服务器仅允许SSLv3和TLSv10,并且您的客户端需要TLSv12,那么您将收到此类错误。

让他们两个使用相同的版本。

使用此:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

注意:根据您的协议版本,您可以相应地更改占位符。

相关问题
最新问题