通过证书请求Https站点

前几天在做与平安银行对接接口,主要是给平安银行推送用户数据(申请贷款的用户),平安银行提供的是https的地址,请求https地址的时候还要发送证书,刚接到这个任务的时候一头雾水,百度上各种所搜,最后还是给解决了。

幸好前几天在博客园里看到一篇文章,给了我很大帮助,地址:http://www.cnblogs.com/caiwenz/p/3913461.html

现在来看程序怎么实现。

首先看一下证书,下图是平安银行接口人给发送的证书,里面的证书有java使用的,有PHP使用的,也有.NET使用,当我打电话向平安银行接口人咨询.NET需要用到那个证书时,对方的回答他也不知道,然后只能去百度了。

其中红色框圈住的是.NET需要的证书

271755537353009

public class HttpHelper
    {
       /// <summary>
       /// 证书路径
       /// </summary>
       public string CertificateFilePath { get; set; }
       /// <summary>
       /// 证书密码
       /// </summary>
       public string CertificateFilePwd { get; set; }

       public HttpHelper()
       {
           //ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;//验证服务器证书回调自动验证
       }
       /// <summary>
       /// 发送POST请求
       /// </summary>
       /// <param name="url">请求的地址</param>
       /// <param name="Content">请求的内容</param>
       /// <param name="isLoadCert">是否加载证书</param>
       /// <returns></returns>
       public String Post(String url, String Content, bool isLoadCert)
       {
           string html = "";
           HttpWebRequest webReqst = (HttpWebRequest)WebRequest.Create(url);
           if (isLoadCert)
           {
               //创建证书
               X509Certificate2 cert = CreateX509Certificate2();
               //添加证书认证
               webReqst.ClientCertificates.Add(cert);
           }
           webReqst.Method = "POST";
           webReqst.KeepAlive = true;
           webReqst.ContentType = "application/x-www-form-urlencoded";
           try
           {
               byte[] data = Encoding.Default.GetBytes(Content);
               webReqst.ContentLength = data.Length;
               Stream stream = webReqst.GetRequestStream();
                   stream.Write(data, 0, data.Length);
                   HttpWebResponse webResponse = (HttpWebResponse)webReqst.GetResponse();
                   if (webResponse.StatusCode == HttpStatusCode.OK && webResponse.ContentLength < 1024 * 1024)
                   {
                       StreamReader reader = new StreamReader(webResponse.GetResponseStream(), Encoding.Default);
                       html = reader.ReadToEnd();
                   }
           }
           catch(Exception ex)
           {
               throw ex;
           }

           return html;
       }

        /// <summary>
        /// 创建证书
        /// </summary>
        /// <returns>X509Certificate2对象</returns>
        public X509Certificate2 CreateX509Certificate2()
        {
            X509Certificate2 cert = null;
            try
            {
                cert = new X509Certificate2(CertificateFilePath, CertificateFilePwd);
                ServicePointManager.ServerCertificateValidationCallback =
                    new RemoteCertificateValidationCallback(ServerCertificateValidationCallback);
            }
            catch (Exception ex)
            {
                throw ex;  
            }
            return cert;
        }

       /// <summary>
       /// 验证证书的回调函数
       /// </summary>
       /// <param name="obj"></param>
       /// <param name="cer"></param>
       /// <param name="chain"></param>
       /// <param name="error"></param>
       /// <returns></returns>
        private bool ServerCertificateValidationCallback(object obj, X509Certificate cer, X509Chain chain, System.Net.Security.SslPolicyErrors error)
        {
            return true;
        }
    }

程序比较简单了,主要是请求证书,以前没搞过。

调用

1、把证书放在电脑的一个盘中,记录.pfx证书的路径,还需要知道证书的密码

271802486575203

2、调用

<!-- 平安银行证书路径-->
    <add key="CertificateFilePath" value="D:\证书\证书\store.pfx" />
    <!-- 平安银行证书密码-->
    <add key="CertificateFilePwd" value="XXXX" />
    <!--平安银行请求的地址-->
    <add key="PingAnUrl" value="https://XXXX7" />
 HttpHelper helper = new HttpHelper();
                    helper.CertificateFilePath = WindowsServiceCommon.GetConfigSetting("CertificateFilePath");  //ConfigurationManager.AppSettings["CertificateFilePath"].ToString();
                    helper.CertificateFilePwd = WindowsServiceCommon.GetConfigSetting("CertificateFilePwd");  //ConfigurationManager.AppSettings["CertificateFilePwd"].ToString();
                    var html = helper.Post(WindowsServiceCommon.GetConfigSetting("PingAnUrl"), XmlContent, true);

 这样就成功的吧数据Post到指定的地址上。

posted @ 2017-01-05 13:48  何光曦  阅读(1715)  评论(0编辑  收藏  举报