The request with exception: The SSL connection could not be established, see inner exception. req...

時間  2020-12-26
標籤 git github json centos 服務器 app async post 測試 jsonp 欄目 SSL 简体版
原文   原文鏈接

 

查看 OPENSSLDIR 路徑終極解決方案git

一、查看 OPENSSLDIR 路徑github

$ openssl version -a

  

二、而後把 CentOS 默認的 openssl CA證書拷貝過來。json

$ cp /etc/pki/tls/cert.pem /usr/local/openssl/

 

參考鏈接:https://lamjack.github.io/2018/05/11/centos-compile-openssl-missing-ca-bundle-crt/centos

 

 

 

 

 

忽略如下服務器

============================================================app

DOTNET CORE 部署 Centos7 拋出異常async

環境變量以下:post

.NET Core SDK (reflecting any global.json):
Version: 2.2.401
Commit: 729b316c13測試

Runtime Environment:
OS Name: centos
OS Version: 7
OS Platform: Linux
RID: centos.7-x64
Base Path: /usr/share/dotnet/sdk/2.2.401/jsonp

Host (useful for support):
Version: 2.2.6
Commit: 7dac9b1b51

.NET Core SDKs installed:
2.2.401 [/usr/share/dotnet/sdk]

.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.NETCore.App]

To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download

 

測試代碼:

using System; using System.Diagnostics; using System.Net.Http; using System.Net.Http.Headers; namespace TestHttpClient { class Program { static void Main(string[] args) { try { using (var httpClient = new HttpClient()) { httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); string url = "https://jsonplaceholder.typicode.com/posts/1"; var response = httpClient.GetAsync(url).Result; string jsonResult = response.Content.ReadAsStringAsync().Result; } } catch (Exception ex) { Debug.WriteLine(ex.ToString()); } } } }

 

服務器拋出異常:

System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
……………………………………………………

 

OR

The remote certificate is invalid according to the validation procedure.

 

解決方案:

 

By defining the System.Net.Http.UseSocketsHttpHandler switch in the .netcore.runtimeconfig.json configuration file:

  
"runtimeOptions": {
  "configProperties": {
      "System.Net.Http.UseSocketsHttpHandler": false
  }
}

 =====================

以上能夠解決問題,但不是根本解決

問題分析以下:

後續請參考如下:

using System; using System.Diagnostics; using System.Net; using System.Net.Http; using System.Net.Http.Headers; using System.Net.Security; using System.Security.Cryptography.X509Certificates; using System.Threading.Tasks; namespace ConsoleClientTest { internal class Program { private static async Task Main(string[] args) { try { //AppContext.SetSwitch("System.Net.Http.UseSocketsHttpHandler", false);
                using (var httpClientHandler = new HttpClientHandler()) { httpClientHandler.ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) => { Console.WriteLine("\r\n\r\n===================message==================\r\n\r\n {0}", message.ToString()); Console.WriteLine("\r\n\r\n==================cert==================\r\n\r\n {0}", certificate.ToString()); Console.WriteLine("\r\n\r\n==================chain==================\r\n\r\n{0}", chain.ToString()); Console.WriteLine("\r\n\r\n==================chain status==================\r\n\r\n{0}", chain.ChainStatus.ToString()); Console.WriteLine("\r\n\r\n==================errors==================\r\n\r\n{0}", sslPolicyErrors.ToString()); Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); Console.WriteLine($"Received certificate with subject {certificate.Subject}"); Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); Console.WriteLine($"Current policy errors: {sslPolicyErrors}"); Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); if (sslPolicyErrors == SslPolicyErrors.None) return true; else { if ((SslPolicyErrors.RemoteCertificateNameMismatch & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateNameMismatch) { Console.WriteLine("證書名稱不匹配{0}", sslPolicyErrors); } if ((SslPolicyErrors.RemoteCertificateChainErrors & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateChainErrors) { foreach (X509ChainStatus status in chain.ChainStatus) { Console.WriteLine("status code = {0}", status.Status); Console.WriteLine("Status info = {0}", status.StatusInformation); } } Console.WriteLine("證書驗證失敗{0}", sslPolicyErrors); } return false; }; Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); using (var httpClient = new HttpClient(httpClientHandler)) { httpClient.DefaultRequestHeaders.Accept.Add( new MediaTypeWithQualityHeaderValue("application/json")); const string url = "https://jsonplaceholder.typicode.com/posts/1"; using (var response = await httpClient.GetAsync(url)) { var jsonResult = await response.Content.ReadAsStringAsync(); Console.WriteLine(jsonResult); } } } } catch (Exception ex) { Console.WriteLine(ex.ToString()); } } } }

 

經過以上代碼,打印出如下語句

 

Status info = unable to get local issuer certificate trustasia

 

回想起昨天編譯Nginx,手動安裝了OPENSSL,版本問題,恢復後,一切正常

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程