亚马逊S3的库在连接Https的对象存储时会返回:
The remote certificate is invalid according to the validation procedure
之前在.Net Framework中可以使用如下方式绕过SSL的验证:
ServicePointManager.ServerCertificateValidationCallback += RemoteCertificateValidate; private static bool RemoteCertificateValidate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors) { //TLS证书验证,直接返回成功 return true; }
但是这个方法在.Net Core中已经不管用了,在.Net Core中需要这样来处理:
public class HttpClientFactoryAcceptAllSSL : Amazon.Runtime.HttpClientFactory { public override HttpClient CreateHttpClient(Amazon.Runtime.IClientConfig clientConfig) { System.Net.Http.HttpClientHandler handler = new System.Net.Http.HttpClientHandler(); handler.ServerCertificateCustomValidationCallback = System.Net.Http.HttpClientHandler.DangerousAcceptAnyServerCertificateValidator; return new HttpClient(handler); } }
AmazonS3Config config = new AmazonS3Config(); config.ServiceURL = settings_.Value.OOS.ServiceURL; config.BufferSize = 100 * 1024; config.ForcePathStyle = true; config.Timeout = new TimeSpan(1, 0, 0); config.SignatureVersion = "2"; config.HttpClientFactory = new HttpClientFactoryAcceptAllSSL(); AmazonS3Client client = new AmazonS3Client(settings_.Value.OOS.AccessKeyId, settings_.Value.OOS.SecretAccessKey, config);