解决linux netcore https请求使用自签名证书忽略安全检查方法
当前系统环境:centos7 x64. dotnet 2.0.
不管是
ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true;
还是:
HttpClient httpClient = new HttpClient(new HttpClientHandler() { ServerCertificateCustomValidationCallback = (a, b, c, d) => true });
都会发生错误:
错误信息大致如下:
(The handler does not support custom handling of certificates with this combination of libcurl (7.29.0) and its SSL backend ("NSS/3.28.4").) ---> System.PlatformNotSupportedException: The handler does not support custom handling of certificates with this combination of libcurl (7.29.0) and its SSL backend ("NSS/3.28.4").
at System.Net.Http.CurlHandler.SslProvider.SetSslOptionsForUnsupportedBackend(EasyRequest easy, ClientCertificateProvider certProvider)
at System.Net.Http.CurlHandler.SslProvider.SetSslOptions(EasyRequest easy, ClientCertificateOption clientCertOption)
解决方案:
# yum update(可选)
# yum install openssl-devel gcc #安装openssl和gcc
# 安装指定版本的curl
# wget https://curl.haxx.se/download/curl-7.55.1.tar.gz
# tar -zxf curl-7.55.1.tar.gz
# cd curl-7.55.1
# ./configure --prefix=/usr/local/curl/ --without-nss --with-ssl=/usr/local/ssl/
# make
# make install
#备份原来的curl
mv /usr/bin/curl /usr/bin/curl.bak
#将安装的curl 创建软连
ln -s /usr/local/curl/bin/curl /usr/bin/curl
# curl --version
#差不多输出下面的内容
#curl 7.55.1 (x86_64-pc-linux-gnu) libcurl/7.55.1 OpenSSL/1.0.2k zlib/1.2.7
#增加lib搜索目录
# vi /etc/ld.so.conf
#增加
# /usr/local/curl/lib
# cat /etc/ld.so.conf
差不多下面这样子
#
include ld.so.conf.d/*.conf
/usr/local/curl/lib
# 重新load配置
# ldconfig
参考文章:
https://www.latoooo.com/xia_zhe_teng/368.htm
https://segmentfault.com/a/1190000012282935
https://www.cnblogs.com/Anker/p/3209876.html
https://github.com/dotnet/corefx/issues/9728#issuecomment-286251370