NetCore HttpClient The SSL connection could not be established, see inner exception

之前遇到一个问题

 

https://www.cnblogs.com/leoxjy/p/10201046.html

 

在centos 7.x  HttpClient访问会出问题  The SSL connection could not be established, see inner exception

最后彻底解决是进入容器docker

那么 最近又FQ搜到一个解决方案 可以systemctl 运行的时候也不会 SSL

上代码

       var httpClientHandler = new HttpClientHandler
            {
                ServerCertificateCustomValidationCallback = (message, certificate2, arg3, arg4) => true
            };
            using (HttpClient client = new HttpClient(httpClientHandler))
            {
                string url = WeiXinSettings.GetJscode2Session(code);

                var result = await client.GetAsync(url);

                if (result.IsSuccessStatusCode)
                {
                    string str = await result.Content.ReadAsStringAsync();

                    return str;
                }
            }

 

解决办法2

  修改centos的环境变量 DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER=0

解决办法3

  

    通过在netcore. runtimeconfig.template.json配置文件中定义 System.Net.Http.UseSocketsHttpHandler 开关:

   
"runtimeOptions": {
  "configProperties": {
      "System.Net.Http.UseSocketsHttpHandler": false
  }
}

  此方法解决所有不需要证书访问的通讯 如果需要证书进行https访问 就不行了

 

解决方法 4 

  安装 OpenSSL

 

1.下载 OpenSSL:

wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz
2.解压 OpenSSL:

tar -xzvf openssl-1.0.2l.tar.gz
3.进入 OpenSSL目录:

cd openssl-1.0.2l
4.配置并编译 OpenSSL:

./config --shared
make && make install
5.下载 curl 库:

wget https://curl.haxx.se/download/curl-7.55.1.tar.gz
6.解压 curl 库:

tar -xzvf curl-7.55.1.tar.gz
7.进入 curl 目录:

cd curl-7.55.1
8.设置动态库路径:

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/ssl/lib
9.配置并编译 curl:

./configure --prefix=/usr/local/curl/ --without-nss --with-ssl=/usr/local/ssl/
make && make install
10.备份默认的 curl 二进制文件

mv /usr/bin/curl /usr/bin/curl.bak
11.做一个新的 curl 软链

ln -s /usr/local/curl/bin/curl /usr/bin/curl
总体的替换到此就完成,可以执行 curl --version 来进行确认。下边是我执行的结果:

curl 7.55.1 (x86_64-pc-linux-gnu) libcurl/7.55.1 OpenSSL/1.0.2l
Release-Date: 2017-08-14
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL TLS-SRP UnixSockets HTTPS-proxy

 

1、查看 OPENSSLDIR 路径

$ openssl version -a

2、然后把 CentOS 默认的 openssl CA证书拷贝过来。

$ cp /etc/pki/tls/cert.pem /usr/local/openssl/

 

posted @ 2019-07-23 22:49  摇光Summer  阅读(15020)  评论(0编辑  收藏  举报