Net Core WebApi HttpClient IHttpClientFactory 证书配置

services.AddHttpClient("WeChatPay", c =>
            {
                c.BaseAddress = new Uri("https://api.mch.weixin.qq.com");
            }).ConfigurePrimaryHttpMessageHandler((c) =>
            {
                var certPath = System.IO.Path.Combine(_environment.WebRootPath, configuration["WeChatPay:cret"]);
                var password = "";
                var cert = new X509Certificate2(certPath, password, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
                var handler = new HttpClientHandler()
                {
                    ClientCertificateOptions = ClientCertificateOption.Manual,
                    SslProtocols = SslProtocols.Tls12,
                };
                handler.ClientCertificates.Add(cert);
                handler.SslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls;
                handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;

                return handler;
            });