异常:基础连接已关闭:无法建立SSL/TLS安全通道的信任关系

本文介绍了异常:基础连接已关闭:无法建立SSL/TLS安全通道的信任关系的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

获取Firebase通知代码

WebRequest tRequest = WebRequest.Create("https://fcm.googleapis.com/fcm/send");
tRequest.Method = "post";
tRequest.ContentType = "application/json";
var data = new{collapse_key = "unassigned", to = deviceToken,data = new
  {body = message,title = title,sound = "default"}
};

要在移动设备上发出通知的消息

var serializer = new JavaScriptSerializer();
var json = serializer.Serialize(data);
Byte[] byteArray = Encoding.UTF8.GetBytes(json);
tRequest.Headers.Add(string.Format("Authorization: key={0}", applicationId));
tRequest.Headers.Add(string.Format("Sender: id={0}", senderId));
tRequest.ContentLength = byteArray.Length;

下面的代码下方发生错误

using (Stream dataStream = tRequest.GetRequestStream())
{
  dataStream.Write(byteArray, 0, byteArray.Length);
 using (WebResponse tResponse = tRequest.GetResponse())
  {
    using (Stream dataStreamResponse = tResponse.GetResponseStream())
    {

   //code 1
    }
  }
}

推荐答案

标题中的异常表明您正在使用TLS加密连接到端点，并且您不信任该端点公开的证书.这意味着没有使用您在CA(证书颁发机构)商店中拥有的证书进行签名.就像自签名证书一样.

The exception in the title says that you are connecting to an endpoint with TLS encryption, and the certificate exposed by that endpoint is not trusted by you. This means that is not signed with a certificate that you have in your CA (Certificate Authority) Store. Like a self-signed certificate.

如果证书是自签名的，则可以将其添加到CA Store.如果不是这样，您可以尝试使用浏览器浏览端点，并查找端点提供的证书副本，以手动信任它.(请注意，如果端点已经受到威胁，您将手动信任其证书.)

If the certificate is self signed, you can add it to your CA Store. If not, you can try to navigate the endpoint with your browser, and look for a copy of the certificate that the endpoint is presenting, to manually trust it. (Beware that by doing this if the endpoint has been already compromised you're manually trusting its certificate.)

您还可以通过添加始终返回有效值的自定义证书验证处理程序来避免此检查！(真的).但是，请注意，这样做会使您容易受到中间人的攻击，因为您将失去检查端点真实性的能力.

You can also avoid this check by adding a custom certificate validation handler that always returns valid! (true). But, please be aware that doing this will expose you to man-in-the-middle attacks, as you'll loose the ability to check the endpoints authenticity.

ServicePointManager
    .ServerCertificateValidationCallback +=
    (sender, cert, chain, sslPolicyErrors) => true;

这篇关于异常:基础连接已关闭:无法建立SSL/TLS安全通道的信任关系的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！