Farseer

导航

D365 FO第三方访问https证书问题

 D365FO采用https,第三方通过API调用的时候,客户端不见得信任D365FO的证书,调用时候会报
基础连接已关闭,发送时发生错误,调用堆栈如下:

 1    at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
 2    at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
 3    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
 4    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
 5    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
 6    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
 7    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
 8    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
 9    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
10    at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
11    at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
12    at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
13    at System.Net.ConnectStream.WriteHeaders(Boolean async)

从调用堆栈看,应该是跟SSL验证有关系。
当然有时候还会直接报
基础连接已经关闭: 未能为 SSL/TLS 安全通道建立信任关系
这个就更直接了。
网上有很多解决办法,目的是让https请求跳过客户端对SSL证书的验证。

1 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
2             ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(
3                 (object caller,
4                 X509Certificate certifacate,
5                 X509Chain chain,
6                 SslPolicyErrors erros) => { return true; });            
7             var request = HttpWebRequest.Create(url);

这段代码一定要放到HttpWebRequest之前,要不然回调的时候调不到方法。
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
这一句也是必须的,D365的协议版本是Tls12,指定别的版本也不会跳过检查。

posted on 2020-06-18 16:13  佛西亚  阅读(488)  评论(0编辑  收藏  举报