在此站点(https://docs.microsoft.com/es-es/aspnet/core/tutorials/grpc/grpc-start?view=aspnetcore-3.0&tabs=visual-studio)中,Microsoft撰写了有关GRPC的用法,并发布了可供下载的示例。一个示例是证明者。 验证者显示了如何配置客户端和服务器以通过gRPC调用使用TLS client certificate。服务器配置为使用ASP.NET Core client certificate authentication要求客户端证书。
在我的代码中,我编写了clienta,替换了原始客户端,在解决方案资源管理器中,我无法读取IIS生成的两个文件client.pfx和clienta.pfx。 代码是:
private static HttpClient CreateHttpClient(bool includeClientCertificate)
{
var handler = new HttpClientHandler();
if (includeClientCertificate)
{
// Load client certificate
var basePath = Path.GetDirectoryName(typeof(Program).Assembly.Location);
// var certPath = Path.Combine(basePath!, "Certs", "client.pfx");
var certPath = Path.Combine(basePath!, "Certs", "clienta.pfx");
// var clientCertificate = new X509Certificate2(certPath, "1111");
var clientCertificate = new X509Certificate2(certPath, "Javier", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet);
handler.ClientCertificates.Add(clientCertificate);
}
// Create client
return new HttpClient(handler);
}
错误是
Internal.Cryptography.CryptoThrowHelper.WindowsCryptographicException
HResult=0x80070002
Mensaje = El sistema no puede encontrar el archivo especificado.
Origen = System.Security.Cryptography.X509Certificates
Seguimiento de la pila:
at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(Byte[] rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at Client.Program.CreateHttpClient(Boolean includeClientCertificate) in C:\Users\HP\Source\Repos\Grpc Ejemplos\grpc-dotnet\examples\Certifier\Client\Program.cs:line 87