将 cURL 转换为 RestSharp(无法创建 SSL/TLS 安全通道)
Translate cURL to RestSharp (Could not create SSL/TLS secure channel)
我正在努力与 third-party 集成,它提供了用于 cURL 的示例代码。我已经能够通过以下命令使用 cURL 成功连接:
curl -k -d "grant_type=client_cert" --basic -u "myUserName:myPassword" -H "Content-Type: application/x-www-form-urlencoded" --cert c:\certs\myCert.pem https://vendorUrl/method
在阅读 cURL 文档时,我相信这就是所有开关转换为的内容:
- -k:不安全(即使连接不安全也继续)
- -d:数据。也表明这是一个 POST.
- --basic: 基本认证
- -u username/password
- -H追加header
- --cert:通过证书
我已经尝试了很多(!)我在网上找到的不同技巧,所以有些代码行可能是不必要的。我试图在我的代码注释中指出我在哪里解释了 cURL 切换到 C#。
//Not sure if these are needed or not.
ServicePointManager.Expect100Continue = true;
ServicePointManager.CheckCertificateRevocationList = false;
//allow every possible protocol for now just to eliminate the protocol as the source of the problem
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
//this should be the equivalent of cURL's "-k" (insecure) switch.
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
var certificatePath = ConfigurationManager.AppSettings.GetValue("myPath");
var clientKey = "myKey";
var clientSecret = "mySecret";
var url = "https://vendorUrl/method";
//create the request
var request = new RestRequest(Method.POST);
////this should be the equivalent of cURL's -d (data) switch. no idea if this is done correctly. I have also tried adding this as "AddJsonBody()"
var body = "grant_type=client_cert";
request.AddBody(body);
//this should be the equivalent of cURL's "-H" (header) switch
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
//Import certificate
var certificates = new X509Certificate();
certificates.Import(certificatePath);
var client = new RestClient
{
BaseUrl = new Uri(url),
//this should be the equivalent of cURL's "--cert" switch
ClientCertificates = new X509CertificateCollection { certificates },
//this should be the equivalent of cURL's "--basic" (Basic Auth) switch and the "-u" switch
Authenticator = new HttpBasicAuthenticator(clientKey, clientSecret)
};
var response = client.Execute(request);
我收到的错误消息是可怕的 "The request was aborted: Could not create SSL/TLS secure channel."
我还按照此处所述添加了跟踪日志记录:The request was aborted: Could not create SSL/TLS secure channel。
我真的不知道如何解析跟踪的输出,但跟踪中的最后一条消息看起来像个问题:
System.Net 信息:0 : [9232] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
就我而言,我必须在本地 computer/server 安装证书才能使其正常工作。我不清楚为什么 cURL 在没有安装证书的情况下工作。
我必须安装的证书有一个 .p12 扩展名。所以在代码中我加载了 .pem 文件,这是一个从 .p12 文件派生的文件。我不是说明白为什么。
通过切换到 HttpClient,我能够通过添加以下内容来避免加载 .pem 文件:
var handler = new WebRequestHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Automatic;
var httpClient = new HttpClient(handler);
我找不到与 ClientCertificateOptions 等效的 RestSharp/WebRequest。
我正在努力与 third-party 集成,它提供了用于 cURL 的示例代码。我已经能够通过以下命令使用 cURL 成功连接:
curl -k -d "grant_type=client_cert" --basic -u "myUserName:myPassword" -H "Content-Type: application/x-www-form-urlencoded" --cert c:\certs\myCert.pem https://vendorUrl/method
在阅读 cURL 文档时,我相信这就是所有开关转换为的内容:
- -k:不安全(即使连接不安全也继续)
- -d:数据。也表明这是一个 POST.
- --basic: 基本认证
- -u username/password
- -H追加header
- --cert:通过证书
我已经尝试了很多(!)我在网上找到的不同技巧,所以有些代码行可能是不必要的。我试图在我的代码注释中指出我在哪里解释了 cURL 切换到 C#。
//Not sure if these are needed or not.
ServicePointManager.Expect100Continue = true;
ServicePointManager.CheckCertificateRevocationList = false;
//allow every possible protocol for now just to eliminate the protocol as the source of the problem
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
//this should be the equivalent of cURL's "-k" (insecure) switch.
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
var certificatePath = ConfigurationManager.AppSettings.GetValue("myPath");
var clientKey = "myKey";
var clientSecret = "mySecret";
var url = "https://vendorUrl/method";
//create the request
var request = new RestRequest(Method.POST);
////this should be the equivalent of cURL's -d (data) switch. no idea if this is done correctly. I have also tried adding this as "AddJsonBody()"
var body = "grant_type=client_cert";
request.AddBody(body);
//this should be the equivalent of cURL's "-H" (header) switch
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
//Import certificate
var certificates = new X509Certificate();
certificates.Import(certificatePath);
var client = new RestClient
{
BaseUrl = new Uri(url),
//this should be the equivalent of cURL's "--cert" switch
ClientCertificates = new X509CertificateCollection { certificates },
//this should be the equivalent of cURL's "--basic" (Basic Auth) switch and the "-u" switch
Authenticator = new HttpBasicAuthenticator(clientKey, clientSecret)
};
var response = client.Execute(request);
我收到的错误消息是可怕的 "The request was aborted: Could not create SSL/TLS secure channel."
我还按照此处所述添加了跟踪日志记录:The request was aborted: Could not create SSL/TLS secure channel。
我真的不知道如何解析跟踪的输出,但跟踪中的最后一条消息看起来像个问题:
System.Net 信息:0 : [9232] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
就我而言,我必须在本地 computer/server 安装证书才能使其正常工作。我不清楚为什么 cURL 在没有安装证书的情况下工作。
我必须安装的证书有一个 .p12 扩展名。所以在代码中我加载了 .pem 文件,这是一个从 .p12 文件派生的文件。我不是说明白为什么。
通过切换到 HttpClient,我能够通过添加以下内容来避免加载 .pem 文件:
var handler = new WebRequestHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Automatic;
var httpClient = new HttpClient(handler);
我找不到与 ClientCertificateOptions 等效的 RestSharp/WebRequest。