C# https证书通信Post/Get(解决做ssl通道时遇到“请求被中止: 未能创建 SSL/TLS 安全通道”问题)

 1         public static string HttpPost(string url, string param = null)
 2         {
 3             HttpWebRequest request;
 4 
 5             //如果是发送HTTPS请求  
 6             if (url.StartsWith("https", StringComparison.OrdinalIgnoreCase))
 7             {
 8                 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;   //协议按需选择,
 9                 ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(CheckValidationResult);
10                 request = WebRequest.Create(url) as HttpWebRequest;
11                 request.ProtocolVersion = HttpVersion.Version10;
12 
13             }
14             else
15             {
16                 request = WebRequest.Create(url) as HttpWebRequest;
17             }
18 
19             request.Method = "POST";
20             request.ContentType = "application/json";
21             request.Accept = "*/*";
22             request.Timeout = 15000;  
23             request.AllowAutoRedirect = false;
24             //查找我们导入的证书
25             X509Store certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
26             certStore.Open(OpenFlags.ReadOnly);
27             var aa = certStore.Certificates;
28             X509Certificate2Collection certCollection = certStore.Certificates.Find(X509FindType.FindBySubjectName, "www.xxx.com", false);
29             request.ClientCertificates.Add(certCollection[0]);
30 
31 
32             StreamWriter requestStream = null;
33             WebResponse response = null;
34             string responseStr = null;
35 
36             try
37             {
38                 requestStream = new StreamWriter(request.GetRequestStream());
39                 requestStream.Write(param);
40                 requestStream.Close();
41 
42                 response = request.GetResponse();
43                 if (response != null)
44                 {
45                     StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.UTF8);
46                     responseStr = reader.ReadToEnd();
47                     reader.Close();
48                 }
49             }
50             catch (Exception)
51             {
52                 throw;
53             }
54             finally
55             {
56                 request = null;
57                 requestStream = null;
58                 response = null;
59             }
60 
61             return responseStr;
62         }
63 
64 
65         private static bool CheckValidationResult(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
66         {
67             return true; //总是接受  
68         } 
View Code

第一步导入证书:

a、运行输入“mmc”

 b、在控制台中点击“文件”——>“添加/删除管理单元”,在弹出框中依次选择“证书”-“添加”-“”-“确定”

上图点击“添加”弹出框选择“计算机账户”,一直下一步到完成。

 

c、证书导入,“证书”右键 选择“所有任务”,点击“导入“。

 

 d、证书授权

 1、工具下载 安装winhttpcertcfg.msi 下载地址 https://www.microsoft.com/en-us/download/details.aspx?id=19801。

 2、到winhttpcertcfg安装目录运行如下命令提升账户访问权限:WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "证书名" -a  "NETWORK SERVICE"。

      说明:-s  证书名(如:www.xxxx.com) ;-a 授权用户

 3、如果你的IIS是7.0,需要设置网站应用池标识(如图)。

 

4、重启IIS

 

posted @ 2019-09-27 13:38  时光吹老了好少年  阅读(1598)  评论(0编辑  收藏  举报