8

我已经下载了通过 https 提供 API 的产品的试用版。目前在我的 asp.net mvc web 应用程序中,我正在执行以下操作来执行对产品试用版的 API 调用:-

[HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Create(RackJoin rj, FormCollection formValues)
        {
            string controllername = RouteData.Values["controller"].ToString();
            if (ModelState.IsValid)
            {
                var message = "";
                var status = "";
                long assetid = new long();
                XmlDocument doc = new XmlDocument();
                using (var client = new WebClient())
                {
                    var query = HttpUtility.ParseQueryString(string.Empty);
                    foreach (string key in formValues)
                    {
                        query[key] = this.Request.Form[key];
                    }

query["username"] =  System.Web.Configuration.WebConfigurationManager.AppSettings["ApiUserName"];
query["password"] =  System.Web.Configuration.WebConfigurationManager.AppSettings["ApiPassword"];
string apiurl = "https://win-spdev:8400/servlets/AssetServlet";
//code goes here…..
                    var url = new UriBuilder(apiurl);
                    url.Query = query.ToString();

但我会得到以下异常: -

发生错误:System.Security.Authentication.AuthenticationException:根据验证程序,远程证书无效。在 System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken 消息,AsyncProtocolRequest asyncRequest,异常异常)在 System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken 消息,AsyncProtocolRequest asyncRequest)在 System.Net.Security.SslState.StartSendBlob(字节[ ] 传入,Int32 计数,AsyncProtocolRequest asyncRequest) 在 System.Net.Security.SslState.ProcessReceivedBlob(Byte[] 缓冲区,Int32 计数,AsyncProtocolRequest asyncRequest) 在 System.Net.Security.SslState.StartReadFrame(Byte[] 缓冲区,Int32 readBytes, AsyncProtocolRequest asyncRequest) 在 System.Net.Security.SslState.StartReceiveBlob(Byte[] 缓冲区,

请记住,如果我直接从我的网络浏览器调用 API,我可以毫无问题地调用 API,如下所示:-

https://win-spdev:8400/servlets/AssetServlet?username=tmsservice&password=test2test2&assetType=Rack&operation=UpdateAsset&assetName=rack9090909858585&accountName=GROUP&siteName=test%20site&productName=rackproductone

那么这个问题是否与 API 通过 https 相关,并且由于我在我的开发机器中使用产品的试用版,我应该安装一个有效的证书吗?还是问题与安全认证无关?谢谢

4

2 回答 2

32

问题是您没有配置有效的 SSL 证书。由于有效的 SSL 证书需要花钱,出于开发目的,我猜您使用了自动签名证书。ServerCertificateValidationCallback您可以通过设置静态属性来忽略这些错误Application_Start

System.Net.ServicePointManager.ServerCertificateValidationCallback += 
    (s, cert, chain, sslPolicyErrors) => true;

注意:避免在生产中这样做。当您在 LIVE 上部署时,请确保您使用的是有效的 SSL 证书。

于 2013-08-07T11:41:15.207 回答
2

向 Darin Dimitrov 致敬……VB.NET 的人们可以使用它(在我的 Web 应用程序的 Global.asax.vb 中):

Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
System.Net.ServicePointManager.ServerCertificateValidationCallback = Function(s, cert, chain, sslPolicyErrors)
                                                                       Return True
                                                                     End Function
End Sub
于 2015-01-14T00:45:33.320 回答