DotNet Core HttpClient安全性错误

时间:2018-01-16 14:09:14

标签: .net-core httpclient

我有一个类库来执行4.6.1框架中构建的Rest API调用。我使用System.Net.Http V4 HttpClient来管理调用。此库适用于普通的dotnet应用程序。最近我尝试使用DotNet Core应用程序,它因安全性错误而失败。后来我根据post中的建议修改了库。它有一些进展,但应用程序失败并显示错误,如下所示

错误消息:发送请求时发生错误。 Innerexception消息:发生安全性错误。 堆栈跟踪:    在System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()    在System.Threading.Tasks.RendezvousAwaitable`1.GetResult()    在System.Net.Http.WinHttpHandler.d__105.MoveNext()

图书馆代码:

private readonly HttpClient _client = null;
private ICredentials somecred;

    public Program()
    {
        HttpClientHandler clientHandler = new HttpClientHandler { Credentials = somecred, UseDefaultCredentials = false };
        _client=new HttpClient(new MessageHandler(clientHandler, TimeSpan.FromSeconds(1), 1), false);
        _client.Timeout = TimeSpan.FromSeconds(90);
        _client.BaseAddress = new Uri("https://somedomain.com/");

        ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
        ServicePointManager.DefaultConnectionLimit = 10;
        ServicePointManager.Expect100Continue = true;
    }

    public async Task<IOperationResponse> GetData()
    {
        ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

        using (HttpResponseMessage httpResponse =
                await _client.SendAsync(new HttpRequestMessage(HttpMethod.Head, "api/getdata"), HttpCompletionOption.ResponseHeadersRead).ConfigureAwait(false)
                )
        {
            if (httpResponse != null) { ... }
        }
    }

    internal class MessageHandler : DelegatingHandler
    {
        public MessageHandler(HttpMessageHandler innerHandler, TimeSpan retryInterval, int retryCount) : base(innerHandler)
        {

        }

        protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request,
        CancellationToken cancellationToken)
        {
            HttpResponseMessage response = null;

            //!! security error in below line
            response = await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
        }
    }

请告诉我,这个库需要做些什么来运行DotNet Core应用程序。感谢。

2 个答案:

答案 0 :(得分:2)

我已经使用核心项目和外部4.5库本地测试了您的代码,并且我可以获得安全错误的唯一方法是,如果目标站点没有正确的安全级别(即未正确设置SSL)。在定位正确配置了SSL的网站时,电话会通过。

确保您的目标具有SSL设置或定位另一个已知正常工作的SSL站点以进行测试,以确定您是否仍然遇到此问题。

答案 1 :(得分:0)

我按照我的同事建议修改了以下代码并修复了它。

XSSFSheet TcSheet = workbook.getSheet(TestCaseName);
int TcRow = TcSheet.getLastRowNum();
int TcCol = TcSheet.getRow(1).getLastCellNum();

data = new Object[TcCol][TcRow + 1];
for (int i = 0; i <= TcRow; i++) {
    for (int j = 0; j < TcCol; j++) {
        Cell Cell = TcSheet.getRow(i).getCell(j);
        TcSheet.getRow(i).getCell(j).setCellType(Cell.CELL_TYPE_STRING);
        data[j][i] = TcSheet.getRow(i).getCell(j).getStringCellValue();
    }
}
return data;

我将此标记为答案,但我并不完全理解这种行为。

相关问题
最新问题