12

可能重复:
请求被中止:无法创建 SSL/TLS 安全通道

我正在尝试使用客户端证书发送 http 请求。文件,在本例中为 .p12文件。但是,当它到达该行时responseStream = httpRequest.GetRequestStream();,它会抛出一个 WebException:System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.

我在 IIS7.5(在 Windows 7 上)上对此进行调试,其中应用程序池标识为“LocalSystem”。

我该如何解决这个问题?

        System.IO.Stream responseStream = null;
        string errorString = string.Empty;
        ;
        string postData = string.Empty;
        HttpWebRequest httpRequest = null;
        System.Text.Encoding Encoding = new System.Text.UTF8Encoding();
        try
        {
            XmlDocument orderXml = new XmlDocument();
            orderXml.Load(@"c:\xmlfile.xml");
            postData = orderXml.InnerXml;

            byte[] byte1 = Encoding.GetBytes(postData);

            httpRequest = (HttpWebRequest)WebRequest.Create("https://testurl.com/SOAP_v1_0/");
            httpRequest.Method = "POST";
            httpRequest.Timeout = 9000;
            httpRequest.KeepAlive = false;
            httpRequest.ContentType = "text/xml; charset=" + "utf-8";
            httpRequest.ContentLength = byte1.Length;

            X509Certificate2 certificate = new X509Certificate2(@"c:\file.p12", "password", X509KeyStorageFlags.Exportable);
            X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

            try
            {
                store.Open(OpenFlags.ReadWrite);

                if (!store.Certificates.Contains(certificate))
                {
                    store.Add(certificate);
                }

                int indexOfCertificate = store.Certificates.IndexOf(certificate);
                certificate = store.Certificates[indexOfCertificate];
            }

            finally
            {
                store.Close();
            }

            httpRequest.ClientCertificates.Add(certificate);

            responseStream = httpRequest.GetRequestStream();

            responseStream.Write(byte1, 0, byte1.Length);
        }
        catch (WebException webExcp)
        {
            errorString += "Error message: " + webExcp.Message;

            // Get the WebException status code.
            WebExceptionStatus status = webExcp.Status;

            if (status == WebExceptionStatus.ProtocolError)
            {
                // Get HttpWebResponse so that you can check the HTTP status code.
                HttpWebResponse httpResponse = (HttpWebResponse)webExcp.Response;
                errorString += "; The server returned protocol error " + httpResponse.StatusCode + " - " + httpResponse.StatusCode;
                httpResponse.Close();
            }
        }
        catch (Exception e)
        {
            errorString += "Error message: " + e.Message;
        }
        finally
        {
            if (responseStream != null)
            {
                responseStream.Close();
            }
        }
    }

使用跟踪日志运行时,这些是指定错误的行:

System.Net Information: 0 : [4968] SecureChannel#2399524 - Certificate is of type X509Certificate2 and contains the private key.

System.Net Information: 0 : [4968] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent  = Outbound, scc     = System.Net.SecureCredential)

System.Net Error: 0 : [4968] AcquireCredentialsHandle() failed with error 0X8009030D.

System.Net Information: 0 : [4968] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent  = Outbound, scc     = System.Net.SecureCredential)

System.Net Error: 0 : [4968] AcquireCredentialsHandle() failed with error 0X8009030D.
System.Net.Sockets Verbose: 0 : [4968] Socket#59311937::Dispose()

System.Net Error: 0 : [4968] Exception in the HttpWebRequest#50160154:: - The request was aborted: Could not create SSL/TLS secure channel.

System.Net Error: 0 : [4968] Exception in the HttpWebRequest#50160154::EndGetRequestStream - The request was aborted: Could not create SSL/TLS secure channel.
4

1 回答 1

41

您需要为您的应用创建一个 system.net 日志。您需要创建一个 myapp.exe.config 配置文件并将以下内容放入其中。

<?xml version="1.0" encoding="UTF-8"?>

<configuration>
    <system.diagnostics>
        <trace autoflush="true" />
        <sources>
            <source name="System.Net">
                <listeners>
                    <add name="System.Net" />
                </listeners>
            </source>
            <source name="System.Net.Sockets">
                <listeners>
                    <add name="System.Net" />
                </listeners>
            </source>
            <source name="System.Net.Cache">
                <listeners>
                    <add name="System.Net" />
                </listeners>
            </source>
        </sources>
        <sharedListeners>
            <add
                name="System.Net"
                type="System.Diagnostics.TextWriterTraceListener"
                initializeData="System.Net.trace.log"
            />
        </sharedListeners>
        <switches>
            <add name="System.Net" value="Verbose" />
            <add name="System.Net.Sockets" value="Verbose" />
            <add name="System.Net.Cache" value="Verbose" />
        </switches>
    </system.diagnostics>
</configuration>

如果您使用此配置文件运行,它将创建一个名为 system.net.trace.log 的日志文件。该文件将包含有关失败原因的更多详细信息。

于 2012-09-08T03:56:30.570 回答