个人中心
gpt4 book ai didi

c# - Azure APIM URL 抛出 System.Net.WebException - SSL/TLS 如何在 azure web api 和 azure APIM 中产生差异?

转载 作者:太空宇宙 更新时间:2023-11-03 13:58:26 24 4
gpt4 key购买 nike

我已经创建了 web api 并尝试使用 c# 发出 GET 请求,如下所示

namespace APIMCheck
{
 class Program
 {
    static void Main(string[] args)
    {
        string thumbprint = "***"; 
        string url @"https://******-us-stats-webapi.azurewebsites.net/statistics/v1/masterData/carTypes";


        X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);

        X509Certificate2Collection certificates = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
        X509Certificate2 certificate = certificates[0];
        ServicePointManager.Expect100Continue = true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
        ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);

        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);


        req.ClientCertificates.Add(certificate);
        req.Method = WebRequestMethods.Http.Get;

        Console.WriteLine(Program.CallAPI(req).ToString());

        Console.Read();

    }

    public static string CallAPI(HttpWebRequest req)
    {
        var httpResponse = (HttpWebResponse)req.GetResponse();

        using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
        {
            return streamReader.ReadToEnd();
        }
    }

    public static bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
    {
        return true;
    }
  }
}

我收到数据响应。一切顺利。

现在,我已经创建了 Azure APIM,它将充当上述 web API

的前端

这是在 Azure API 管理门户中配置的策略

<policies>
  <inbound>
    <base />
      <choose>
        <when condition="@(context.Request.Certificate.Verify() != true || context.Request.Certificate == null || context.Request.Certificate.Issuer != "CN=MySubCA, DC=MYEXT, DC=NET" || context.Request.Certificate.NotAfter < DateTime.Now)">
            <return-response>
                <set-status code="403" reason="Invalid client certificate" />
                <set-body template="none">@(context.Request.Certificate.Issuer.ToString())</set-body>
            </return-response>
        </when>
    </choose>
    </inbound>
    <backend>
     <base />
    </backend>
    <outbound>
     <base />
    </outbound>
    <on-error>
     <base />
    </on-error>
</policies>

现在,将 url 更改为指向 apim

 string url = @"https://******-us-stats-apim.azure-api.net/statistics/v1/masterData/carTypes";

我得到以下错误

The request was aborted: Could not create SSL/TLS secure channel for HttpWebRequest

SSL/TLS 如何影响 Web API 和 APIM?

和防火墙有什么关系吗?

最佳答案

默认情况下,为 Azure API 管理网关启用 TLS 1.2

您可以转到您的 azure api 管理(在门户上)> Protocol settings > 打开 tls 1.2ssl 3.0 .

enter image description here

关于c# - Azure APIM URL 抛出 System.Net.WebException - SSL/TLS 如何在 azure web api 和 azure APIM 中产生差异?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57706117/

24 4 0
文章推荐: python - 如何在 Python 中创建对数间隔数组?
文章推荐: c# - 如何改进这个设计(模式)?
文章推荐: python - 如何通过 slackclient 将图像作为 slack bot 发送到 Slack?
文章推荐: c# - 默认模板的 MonoMac 构建错误
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com