使用证书C＃在网站中验证登录

Question

我正在做一些研究，我想使用我公司的证书登录ecac网站...使用Chrome我可以毫无问题地访问系统，因为Chrome要求证书验证登录。我试图实现一个小的测试爬虫，在那里我把我的证书放在请求中，但是，政府网站总是返回错误...所以我尝试使用selenium与chrome驱动程序登录，但有了这个我有必要手动选择证书，我的想法是自动执行此操作。

我的测试来源是：

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;

namespace TestCrawler
{
    class Program
    {
        static void Main(string[] args)
        {
            string host = @"https://cav.receita.fazenda.gov.br/autenticacao/login";
            string certName = @"certificado.pfx";
            string password = @"senha";

            try
            {
                X509Certificate2 certificate = new X509Certificate2(certName, password);

                ServicePointManager.CheckCertificateRevocationList = false;
                ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true;
                ServicePointManager.Expect100Continue = true;
                HttpWebRequest req = (HttpWebRequest)WebRequest.Create(host);
                req.PreAuthenticate = true;
                req.AllowAutoRedirect = true;
                req.ClientCertificates.Add(certificate);
                req.Method = "POST";
                req.ContentType = "application/x-www-form-urlencoded";
                string postData = "login-form-type=cert";
                byte[] postBytes = Encoding.UTF8.GetBytes(postData);
                req.ContentLength = postBytes.Length;

                Stream postStream = req.GetRequestStream();
                postStream.Write(postBytes, 0, postBytes.Length);
                postStream.Flush();
                postStream.Close();
                WebResponse resp = req.GetResponse();

                Stream stream = resp.GetResponseStream();
                using (StreamReader reader = new StreamReader(stream))
                {
                    string line = reader.ReadLine();
                    while (line != null)
                    {
                        Console.WriteLine(line);
                        line = reader.ReadLine();
                    }
                }

                stream.Close();
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }
    }
}

在分析ecac网站的来源时，我发现在证书的登录按钮中，执行了JS代码

  

onclick =“javascript：document.loginCert.submit（）; return false;

我的另一个测试：

using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography.X509Certificates;

namespace TestCrawler
{
    class Program
    {
        private static string host = @"https://cav.receita.fazenda.gov.br/";
        private static string certName = @"certificado.pfx";
        private static string password = @"senha";

        static async void Login()
        {
            X509Certificate2 certificate = new X509Certificate2(certName, password);

            var handler = new WebRequestHandler();
            handler.ClientCertificates.Add(certificate);

            using (var client = new HttpClient(handler))
            {
                client.BaseAddress = new Uri(host);
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html"));

                // New code:
                using (HttpResponseMessage response = await client.GetAsync("autenticacao/Login/Certificado"))
                {
                    using (HttpContent content = response.Content)
                    {
                        string result = await content.ReadAsStringAsync();
                    }
                }
            }
        }

        static void Main(string[] args)
        {
            Login();
            Console.ReadLine();
        }
    }
}