抛出异常：根据验证程序，远程证书无效

Posted 2023-03-31

【中文标题】抛出异常：根据验证程序，远程证书无效

【英文标题】：Exception thrown: The remote certificate is invalid according to the validation procedure

【发布时间】：2019-11-20 14:59:35

【问题描述】：

早安，

我在我的一台 PC (Windows 10) 上的 Visual Studio 2019 上运行 ASP.NET CORE Blazor 应用程序，它运行良好。我在 VS Code 中在另一台 PC（Windows 7）上打开了相同的项目，并引发了以下异常。

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.\r\n ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.\r\n   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)\r\n   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)\r\n   at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Net.Security.SslStream.ThrowIfExceptional()\r\n   at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)\r\n   at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)\r\n   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)\r\n   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__65_1(IAsyncResult iar)\r\n   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)\r\n   --- End of inner exception stack trace ---\r\n   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)\r\n   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)\r\n   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n   at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n   at System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n   at System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)\r\n   at System.Net.Http.HttpClient.GetStringAsyncCore(Task`1 getTask)\r\n   at Microsoft.AspNetCore.Components.HttpClientJsonExtensions.GetJsonAsync[T](HttpClient httpClient, String requestUri)\r\n   at Workspace2.Pages.OrdersGrid.OnInitializedAsync() in c:\Users\dell\Desktop\Workspace2\Pages\OrdersGrid.razor:line 49

内部异常为空，错误信息为：The remote certificate is invalid according to the validation procedure.

我正在使用 .NET CORE SDK 3.1.0 预览版 2。下面是引发异常的代码：

@code
    public List<ProjectVM> projectsDataSource  set; get; 

    public void ActionComplete(ActionEventArgs<Order> Args)  

    protected override async Task OnInitializedAsync()
    
        try
        
            projectsDataSource = new List<ProjectVM>();
            projectsDataSource = await Http.GetJsonAsync<List<ProjectVM>>("/Api/Default/GetProjectsList");

        
        catch(Exception e)
        

        
    

请帮忙。

提前致谢。

【参考方案1】：

当您使用 VS 2019 运行代码时，它会在您的计算机上安装一个自签名证书以进行 https 重定向。 （显示一个消息框，通知证书安装）。

但是 VS 代码不适合你。

阅读此文档应该会有所帮助：https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-3.0&tabs=visual-studio#trust-the-aspnet-core-https-development-certificate-on-windows-and-macos

您可以尝试运行此命令

dotnet dev-certs https --clean
dotnet dev-certs https --trust

【讨论】：

我已经多次执行这些命令并重新启动了两次，但错误仍然存​​在。还有更多指针吗？

@ChrisBordeman 您是否尝试使用dotnet run 命令启动您的项目？

是的，同样的效果。奇怪的是 Chrome 甚至 iexplore 都说证书今天早些时候过期了，就在我开始遇到问题的时候。我已经去 MMC 删除了个人和本地计算机中的所有 localhost 证书，以及两者的受信任的根证书。然后我尝试再次清理/安装它们，这似乎是成功的，我什至清除了浏览器缓存并再次重新启动。 Chrome 仍然说证书无效并于今天过期！我还清除了 SSL 列表。无法想象它从哪里得到这个。

@ChrisBordeman 看起来很傻，但你的日期是最新的吗？

是的。我最终重新安装了 VS 和每个 SDK/工具。然后是所有的Windows。下一个选项是 hara kiri。

【参考方案2】：

agua from mars 的回答没有考虑到您还必须生成本地证书以进行开发，然后才能告诉您的操作系统信任它。

您可以按此顺序运行命令，然后再次运行您的应用。

dotnet dev-certs https --clean
dotnet dev-certs https
dotnet dev-certs https --trust

命令dotnet dev-certs https 生成证书。