本文介绍了Flurl和不受信任的证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

目前,我从事Flurl的研究,并尝试通过https与API联系(我在实验室中).因此该证书无效,并且Flurl无法继续工作:/

Currently I worked on Flurl and I tried to contact an API in https (I am in my lab).So the certificate is not valid and Flurl can't continue to work :/

这是我的错误消息:

Unhandled Exception: System.AggregateException: One or more errors occurred. (Call failed. The SSL connection could not be established, see inner exception. POST https://IP/api/aaaLogin.json) ---> Flurl.Http.FlurlHttpException: Call failed. The SSL connection could not be established, see inner exception. POST https://IP/api/aaaLogin.json ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

在Flurl文档中,我们可以使用using Flurl.Http.Configuration;并修改DefaultHttpClientFactory,但是我不理解所指定的要跳过错误的元素.

In Flurl documentation we can use using Flurl.Http.Configuration; and modify the DefaultHttpClientFactory However I do not understand the elements specified to say of jumped over the errors.

在网络上,我可以看到相同的情况: https://github.com/tmenier/Flurl/issues/365 您对此问题有疑问吗?

On the web I can see the same case: https://github.com/tmenier/Flurl/issues/365Do you have an issue for this problem?

谢谢!

推荐答案

最典型的方法是创建自定义工厂:

public class UntrustedCertClientFactory : DefaultHttpClientFactory
{
    public override HttpMessageHandler CreateMessageHandler() {
        return new HttpClientHandler {
            ServerCertificateCustomValidationCallback = (a, b, c, d) => true
        };
    }
}

然后在应用启动时将其注册:

Then register it somewhere in your app startup:

FlurlHttp.ConfigureClient("https://theapi.com", cli =>
    cli.Settings.HttpClientFactory = new UntrustedCertClientFactory());

Flurl默认情况下在每个主机上重用相同的HttpClient实例,因此配置此方式意味着对theapi.com的每次调用都将允许使用不受信任的证书.与将HttpClient传递给FlurlClient构造函数相比,此方法的优势在于,它可以使此配置脱离侧面",并且在您以更典型/更不冗长的方式使用Flurl时可以使用:

Flurl reuses the same HttpClient instance per host by default, so configuring this way means that every call to theapi.com will allow the use of the untrusted cert. The advantage of this over passing an HttpClient to a FlurlClient constructor is that it keeps this configuration "off to the side" and works when you use Flurl in the more typical/less verbose way:

await "https://theapi.com/endpoint".GetJsonAsync();

这篇关于Flurl和不受信任的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

06-13 16:45