在Mono上使用自定义SSL客户端证书System.Net.HttpClient
我正在使用NuGet的Microsoft HTTP客户端库 ,我基本上试图在HttpClient中使用X509Certificate2证书进行TLS身份validation。
我试过像这样创建客户端:
WebRequestHandler certHandler = new WebRequestHandler () { ClientCertificateOptions = ClientCertificateOption.Manual, UseDefaultCredentials = false }; certHandler.ClientCertificates.Add (this.ClientCertificate); HttpClient client = new HttpClient (certHandler); 但是, certHandler.ClientCertificates失败,因为此getter 未在Mono中实现 ,因此我从中获得了NotImplementedException。 (我不确定为什么那仍然是TODO。)
到目前为止,我运气不好。 任何想法如何在Mono环境中简单地在HttpClient上设置客户端证书?
它看起来好像只是能够将客户端证书集合传递给CreateWebRequest中的HttpWebRequest,因此,由于inheritance不起作用,我只是从mono复制/粘贴该类并添加了实现。
// Copyright (c) 2013 Xamarin Inc. (http://www.xamarin.com) // // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to deal // in the Software without restriction, including without limitation the rights // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell // copies of the Software, and to permit persons to whom the Software is // furnished to do so, subject to the following conditions: // // The above copyright notice and this permission notice shall be included in // all copies or substantial portions of the Software. // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN // THE SOFTWARE. using System; using System.Net.Cache; using System.Net.Security; using System.Security.Principal; using System.Security.Cryptography.X509Certificates; namespace System.Net.Http { public class WebRequestHandlerWithClientcertificates : HttpClientHandler { bool allowPipelining; RequestCachePolicy cachePolicy; AuthenticationLevel authenticationLevel; TimeSpan continueTimeout; TokenImpersonationLevel impersonationLevel; int maxResponseHeadersLength; int readWriteTimeout; RemoteCertificateValidationCallback serverCertificateValidationCallback; bool unsafeAuthenticatedConnectionSharing; private X509CertificateCollection clientCertificates; public WebRequestHandler () { allowPipelining = true; authenticationLevel = AuthenticationLevel.MutualAuthRequested; cachePolicy = System.Net.WebRequest.DefaultCachePolicy; continueTimeout = TimeSpan.FromMilliseconds (350); impersonationLevel = TokenImpersonationLevel.Delegation; maxResponseHeadersLength = HttpWebRequest.DefaultMaximumResponseHeadersLength; readWriteTimeout = 300000; serverCertificateValidationCallback = null; unsafeAuthenticatedConnectionSharing = false; } public bool AllowPipelining { get { return allowPipelining; } set { EnsureModifiability (); allowPipelining = value; } } public RequestCachePolicy CachePolicy { get { return cachePolicy; } set { EnsureModifiability (); cachePolicy = value; } } public AuthenticationLevel AuthenticationLevel { get { return authenticationLevel; } set { EnsureModifiability (); authenticationLevel = value; } } public X509CertificateCollection ClientCertificates { get { if (clientCertificates==null) { clientCertificates = new X509CertificateCollection(); } return clientCertificates; } set { if (value==null) { throw new ArgumentNullException("value"); } EnsureModifiability (); clientCertificates = value; } } [MonoTODO] public TimeSpan ContinueTimeout { get { return continueTimeout; } set { EnsureModifiability (); continueTimeout = value; } } public TokenImpersonationLevel ImpersonationLevel { get { return impersonationLevel; } set { EnsureModifiability (); impersonationLevel = value; } } public int MaxResponseHeadersLength { get { return maxResponseHeadersLength; } set { EnsureModifiability (); maxResponseHeadersLength = value; } } public int ReadWriteTimeout { get { return readWriteTimeout; } set { EnsureModifiability (); readWriteTimeout = value; } } [MonoTODO] public RemoteCertificateValidationCallback ServerCertificateValidationCallback { get { return serverCertificateValidationCallback; } set { EnsureModifiability (); serverCertificateValidationCallback = value; } } public bool UnsafeAuthenticatedConnectionSharing { get { return unsafeAuthenticatedConnectionSharing; } set { EnsureModifiability (); unsafeAuthenticatedConnectionSharing = value; } } internal override HttpWebRequest CreateWebRequest (HttpRequestMessage request) { HttpWebRequest wr = base.CreateWebRequest (request); wr.Pipelined = allowPipelining; wr.AuthenticationLevel = authenticationLevel; wr.CachePolicy = cachePolicy; wr.ImpersonationLevel = impersonationLevel; wr.MaximumResponseHeadersLength = maxResponseHeadersLength; wr.ReadWriteTimeout = readWriteTimeout; wr.UnsafeAuthenticatedConnectionSharing = unsafeAuthenticatedConnectionSharing; // here : maybe wr.ClientCertificates = ClientCertificates if the line below throws an error in your tests wr.ClientCertificates.Add(ClientCertificates); return wr; } } }
现在在您的代码中使用WebRequestHandlerWithClientCertificates而不是WebRequestHandler