我在Windows 2012 R2 IIs 8.5上托管了2个网站。 一种是umbraco实例,另一种是基于.Net核心的api(我们称其为MyApi)。 我想在umbraco上执行某些搜索操作,因此umbraco会调用api,该api会回调Umbraco / Api。调用MyApi很好,但是从MyApi到Umbraco / Api的调用是有问题的。 Umbraco api日志:
搜索失败System.Net.Http.HttpRequestException:发送请求时发生错误。 ---> System.Net.WebException:基础连接已关闭:无法建立SSL / TLS安全通道的信任关系。 ---> System.Security.Authentication.AuthenticationException:根据验证过程,远程证书无效。
证书本身由客户的内部授权提供,该授权是服务器存储中的受信任根。现在,最初我们已经遇到了证书问题,因为它们错过了我们用于api调用的第一个DNS记录(尚未创建DNS记录,我们在“主机”中使用记录),但现在应该是fiex。
我已经更新了代码中的SSL错误处理程序,因此它在SSL枚举中记录了错误和编号。
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
{
_logger.LogError("Received TLS errror " + ((int)sslPolicyErrors).ToString());
return false;
};
_logger.LogDebug("Search starting");
if (model.Username != null)
{
model.Favourites = _workplaceContext.GetUserFavourites(_dataContext, model.Username);
}
else if (model.JustFavourites)
{
return BadRequest();
}
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(_configuration.GetValue<string>("UmbracoApiUrl"));
_logger.LogDebug("Searching for addres " + new Uri(_configuration.GetValue<string>("UmbracoApiUrl")));
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(
new MediaTypeWithQualityHeaderValue("application/json"));
var json = JsonConvert.SerializeObject(model);
using (var stringContent = new StringContent(json, Encoding.UTF8, "application/json"))
{
var response = await client.PostAsync("workplace/search", stringContent);
if (response.IsSuccessStatusCode)
{
_logger.LogDebug("Search API Call success");
var jsonResponse = await response.Content.ReadAsStringAsync();
var responseModel = JsonConvert.DeserializeObject<SearchResponseModel>(jsonResponse);
_logger.LogDebug("Search response TotalCount = " + responseModel.TotalCount);
return responseModel;
}
else
{
_logger.LogDebug("Search API Call status - " + response.StatusCode);
return StatusCode((int)response.StatusCode);
}
}
}
最初,我们收到了2号错误。现在我们只收到数字0,应该没问题。尽管如此,连接仍然无法正常工作。我阅读了有关此内容的各种文章,并在umbraco的Web配置中启用了故障排除功能,但没有找到任何有用的信息。我需要对MyApi进行故障排除的方法。能否为我指出一个如何对其进行故障排除的方向(与umbraco相似)(我对.NET核心应用不太熟悉)?
错误日志的有趣部分:
2019-07-08 13:35:32.1745||DEBUG|XXXApi.Controllers.WorkplaceController|Search starting
2019-07-08 13:35:32.1901||DEBUG|XXXApi.Controllers.WorkplaceController|Searching for addres https://xxx.yy.zz/umbraco/api/
2019-07-08 13:35:32.2682||ERROR|XXXCApi.Controllers.WorkplaceController|Received TLS errror 0
2019-07-08 13:35:32.2682||ERROR|XXXApi.Controllers.WorkplaceController|Search failed System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
答案 0 :(得分:0)
解决方案:原始错误在证书中并得到修复,但是回调用于返回的false我用于调试导致标记连接失败的问题。大概花了两天时间。因此,自从我在枚举中得到0的那一刻起,那只是我的调试代码中的错误。
哦,别忘了取消订阅。