根据验证程序[重复],远程证书无效
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了根据验证程序[重复],远程证书无效相关的知识,希望对你有一定的参考价值。
这个问题在这里已有答案:
运行以下代码,我得到一个例外:
using (var client = new Pop3Client())
{
client.Connect(provider.ServerWithoutPort, provider.Port, true);
}
我得到的例外情况:
The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at OpenPop.Pop3.Pop3Client.Connect(String hostname, Int32 port, Boolean useSsl, Int32 receiveTimeout, Int32 sendTimeout, RemoteCertificateValidationCallback certificateValidator)
at OpenPop.Pop3.Pop3Client.Connect(String hostname, Int32 port, Boolean useSsl)
at Ugi.Server.Sources.Logic.SourcesService.IsValidPop3Connection(String email, String emailPassword) in C:UserseladDocumentsVisual Studio 2010ProjectsSVNUGIUgiServerSourcesLogicSourcesService.cs:line 246
答案
这通常是因为以下任何一种情况都是如此:
- 证书是自签名的,不会添加为可信证书。
- 证书已过期。
- 证书由未在计算机上安装的根证书签名。
- 使用服务器的完全限定域地址对证书进行签名。含义:不能使用“xyzServerName”,而是必须使用“xyzServerName.ad.state.fl.us”,因为就SSL证书而言,这基本上就是服务器名称。
- 探测撤销列表,但无法找到/使用。
尝试获取有关服务器证书的一些信息,并查看是否需要在客户端上安装任何特定证书才能使其正常工作。
另一答案
甚至更短版本的Dominic Zukiewicz解决方案:
ServicePointManager.ServerCertificateValidationCallback += (o, c, ch, er) => true;
但这意味着您将信任所有证书。对于不仅在本地运行的服务,需要更聪明的东西。在第一个实例中,您可以使用此代码来测试它是否解决了您的问题。
另一答案
.NET在连接的另一端看到无效的SSL证书。有一种解决方法,但显然不建议用于生产代码:
// Put this somewhere that is only once - like an initialization method
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateCertificate);
...
static bool ValidateCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
{
return true;
}
另一答案
我在测试一个项目时遇到了同样的问题,并且它变成了运行Fiddler导致此错误的原因。!!
如果您使用Fiddler拦截http请求,请将其关闭...
这是导致此类错误的众多原因之一。
要修复Fiddler你可能需要Reset Fiddler Https Certificates。
另一答案
您必须检查证书哈希码。
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain,
errors) =>
{
var hashString = certificate.GetCertHashString();
if (hashString != null)
{
var certHashString = hashString.ToLower();
return certHashString == "dec2b525ddeemma8ccfaa8df174455d6e38248c5";
}
return false;
};
另一答案
在发送电子邮件之前试试这个
ServicePointManager.ServerCertificateValidationCallback =
delegate(object s, X509Certificate certificate, X509Chain chain,
SslPolicyErrors sslPolicyErrors) { return true; };
记得添加使用libs!
以上是关于根据验证程序[重复],远程证书无效的主要内容,如果未能解决你的问题,请参考以下文章