我正在调用一个需要客户端证书的API。将客户端证书安装到当前用户的个人存储中后,API调用成功。但是,当客户端证书安装到本地计算机的个人存储中时,调用失败,原因是:
The request was aborted: Could not create SSL/TLS secure channel.
下面是设置代码:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
| SecurityProtocolType.Tls11
| SecurityProtocolType.Tls12
| SecurityProtocolType.Ssl3;
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return true; };
const StoreName storeName = StoreName.My;
const X509FindType findType = X509FindType.FindByThumbprint;
const string findValue = "9ce5b57fe576b9a0933b426347e74e5583da59dd";
var certCurrentUser = GetCertificate(storeName, StoreLocation.CurrentUser, findType, findValue);
var certLocalMachine = GetCertificate(storeName, StoreLocation.LocalMachine, findType, findValue);
对GetCertificate()的两个调用都成功,并且证书似乎相同。(它们是从同一个.pfx安装的)
使用certCurrentUser进行此调用时,成功:
WebRequestHandler handler = new WebRequestHandler();
handler.ClientCertificates.Add(certCurrentUser);
using (var client = new HttpClient(handler))
{
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var response = await client.GetAsync("https://preprod.xconnectcollection.ce.corp.com/odata");
}
但是当使用certLocalMacher进行调用时,它会失败:
WebRequestHandler handler = new WebRequestHandler();
handler.ClientCertificates.Add(certLocalMachine);
using (var client = new HttpClient(handler))
{
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var response = await client.GetAsync("https://preprod.xconnectcollection.ce.corp.com/odata");
}
错误:
The request was aborted: Could not create SSL/TLS secure channel.
当使用本地计算机的客户端证书时,什么可能导致请求失败?
确保运行应用程序的帐户对安装的证书具有完全权限。
