• The request with exception: The SSL connection could not be established, see inner exception. requestId 解决方案


    查看 OPENSSLDIR 路径终极解决方案

    1、查看 OPENSSLDIR 路径

    $ openssl version -a
    

      

    2、然后把 CentOS 默认的 openssl CA证书拷贝过来。

     $ cp /etc/pki/tls/cert.pem /usr/local/openssl/
    

     

    参考连接:https://lamjack.github.io/2018/05/11/centos-compile-openssl-missing-ca-bundle-crt/

    忽略以下

    ============================================================

    DOTNET CORE 部署 Centos7 抛出异常

    环境变量如下:

    .NET Core SDK (reflecting any global.json):
    Version: 2.2.401
    Commit: 729b316c13

    Runtime Environment:
    OS Name: centos
    OS Version: 7
    OS Platform: Linux
    RID: centos.7-x64
    Base Path: /usr/share/dotnet/sdk/2.2.401/

    Host (useful for support):
    Version: 2.2.6
    Commit: 7dac9b1b51

    .NET Core SDKs installed:
    2.2.401 [/usr/share/dotnet/sdk]

    .NET Core runtimes installed:
    Microsoft.AspNetCore.All 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.All]
    Microsoft.AspNetCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
    Microsoft.NETCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.NETCore.App]

    To install additional .NET Core runtimes or SDKs:
    https://aka.ms/dotnet-download

    测试代码:

    using System;
    using System.Diagnostics;
    using System.Net.Http;
    using System.Net.Http.Headers;
    
    namespace TestHttpClient
    {
        class Program
        {
            static void Main(string[] args)
            {
                try
                {
                    using (var httpClient = new HttpClient())
                    {
                        httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));                    
    
                        string url = "https://jsonplaceholder.typicode.com/posts/1";
                        var response = httpClient.GetAsync(url).Result;
                        string jsonResult = response.Content.ReadAsStringAsync().Result;   
                    }
                }
                catch (Exception ex)
                {
                    Debug.WriteLine(ex.ToString());
                }
            }
        }
    }

    服务器抛出异常:

    System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
    at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
    ……………………………………………………

     

    OR

    The remote certificate is invalid according to the validation procedure.

    解决方案:

    By defining the System.Net.Http.UseSocketsHttpHandler switch in the .netcore.runtimeconfig.json configuration file:

     
    "runtimeOptions": {
      "configProperties": {
          "System.Net.Http.UseSocketsHttpHandler": false
      }
    }
    

     =====================

    以上可以解决问题,但不是根本解决

    问题分析如下:

    后续请参考以下:

    using System;
    using System.Diagnostics;
    using System.Net;
    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Net.Security;
    using System.Security.Cryptography.X509Certificates;
    using System.Threading.Tasks;
    
    namespace ConsoleClientTest
    {
        internal class Program
        {
            private static async Task Main(string[] args)
            {
                try
                {
                   
    
    
                    //AppContext.SetSwitch("System.Net.Http.UseSocketsHttpHandler", false);
                    using (var httpClientHandler = new HttpClientHandler())
                    {
                        httpClientHandler.ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) =>
                        {
                            Console.WriteLine("
    
    ===================message==================
    
     {0}", message.ToString());
                            Console.WriteLine("
    
    ==================cert==================
    
     {0}", certificate.ToString());
                            Console.WriteLine("
    
    ==================chain==================
    
    {0}", chain.ToString());
                            Console.WriteLine("
    
    ==================chain status==================
    
    {0}",
                                chain.ChainStatus.ToString());
                            Console.WriteLine("
    
    ==================errors==================
    
    {0}", sslPolicyErrors.ToString());
    
    
                            Console.WriteLine("
    
    ====================================================
    
    ");
                            Console.WriteLine($"Received certificate with subject {certificate.Subject}");
                            Console.WriteLine("
    
    ====================================================
    
    ");
                            Console.WriteLine($"Current policy errors: {sslPolicyErrors}");
                            Console.WriteLine("
    
    ====================================================
    
    ");
    
    
                            if (sslPolicyErrors == SslPolicyErrors.None)
                                return true;
                            else
                            {
                                if ((SslPolicyErrors.RemoteCertificateNameMismatch & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateNameMismatch)
                                {
                                    Console.WriteLine("证书名称不匹配{0}", sslPolicyErrors);
                                }
    
                                if ((SslPolicyErrors.RemoteCertificateChainErrors & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
                                {
                                    
                                    foreach (X509ChainStatus status in chain.ChainStatus)
                                    {
                                        Console.WriteLine("status code = {0}", status.Status);
                                        Console.WriteLine("Status info = {0}", status.StatusInformation);
                                    }
    
                                }
                                Console.WriteLine("证书验证失败{0}", sslPolicyErrors);
                            }
    
                            return false;
                        };
    
                        Console.WriteLine("
    
    ====================================================
    
    ");
                        using (var httpClient = new HttpClient(httpClientHandler))
                        {
                            httpClient.DefaultRequestHeaders.Accept.Add(
                                new MediaTypeWithQualityHeaderValue("application/json"));
                            const string url = "https://jsonplaceholder.typicode.com/posts/1";
                            using (var response = await httpClient.GetAsync(url))
                            {
                                var jsonResult = await response.Content.ReadAsStringAsync();
                                Console.WriteLine(jsonResult);
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.ToString());
                }
            }
        }
    }

    通过以上代码,打印出以下语句

    Status info = unable to get local issuer certificate trustasia

    回想起昨天编译Nginx,手动安装了OPENSSL,版本问题,恢复后,一切正常

  • 相关阅读:
    loadrunner实现字符串的替换
    Windows Server 2008 R2 实现多用户同时登陆
    LoadRunner测试场景中添加负载生成器
    loadrunner统计字符串中指定字符出现的次数
    loadrunner怎么将变量保存到参数中
    loadrunner生成随机数
    loadrunner取出字符串的后面几位
    loadrunner参数化excel数据
    LoadRunner常用函数列表
    loadrunner解决在项目中的难点解决
  • 原文地址:https://www.cnblogs.com/CnKker/p/11423471.html
Copyright © 2020-2023  润新知