在调用Web服务时无法在客户端找到证书
我在C#.Net中开发了一个Windows服务应用程序,它与用Java开发的Web服务(来自客户端)进行通信。此Web服务经过证书验证,这就是为什么每次我需要在调用Web服务之前读取证书的原因。但是,当我试图通过主题名称或缩略图获取证书时,
然后我会为每种类型获得不同的错误。并且根本无法阅读证书。
I've a windows service application developed in C#.Net which is communicating with Web service developed in Java (from client). This web service is certificate validated that's why every time I need to read the certificate before calling the web service. But when ever I'm trying to get the certificate by Subject name or Thumbnail then I'm getting different error for each type. And cannot read the certificate at all.
这是我的代码:
Here is my code:
<clientCertificate storeLocation="CurrentUser" storeName="My" findValue="176455DB76886FF2BA3C122F8B36322F647CB2FD" x509FindType="FindByThumbprint" />
如果我尝试使用上面的缩略图找到证书,那么我就会遇到错误:
无效的十六进制字符串格式。内部异常null
这是我试图调用证书的第二种方式:
<clientCertificate storeLocation="CurrentUser" storeName="My" findValue="CN=EO_UA_test, T=Privatmoney, OU=EO_UA_test, O=EO_UA_test, L=Dnepropetrovsk, C=UA" x509FindType="FindBySubjectName" />
这是我在应用上述技术时遇到的错误:
使用以下搜索条件找不到X.509证书:StoreName'My',StoreLocation 'CurrentUser',FindType'FindBySubjectName',
FindValue'CN = EO_UA_test,T = Privatmoney,OU = EO_UA_test,O = EO_UA_test,L = Dnepropetrovsk,C = UA'。
对于第二个错误,我试过没有" ; CN ="但我仍然得到同样的错误。此外,我已经使用MMC.exe检查了证书,我可以找到
我的证书存在于CurrentUser->个人请在上面建议我。
For the 2nd error I've tried without "CN=" but still I'm getting the same error. Also, I've checked the certificate using MMC.exe and I can find
my certificate is existing under CurrentUser->personal Please suggest me on the above.
如果您作为Windows服务运行,那么您确定已安装证书在服务可见的位置? Certs可以安装在计算机或用户级别。您的配置说您正在寻找当前用户的证书。因此,运行该服务的用户帐户
将需要证书。如果证书安装在计算机级别,则需要更改位置。我的商店在Personal下显示。如果证书位于其他地方,那么您也需要更改它。
If you're running as a Windows service then are you sure the cert is installed in a location visible to the service? Certs can be installed at the computer or user level. Your config says you're looking for the cert as the current user. So the user account which the service is running under would need the cert. If the cert is installed at the computer level then you need to change the location. The My store indicates under Personal. If the cert is located elsewhere then you need to change that as well.
对于无效的十六进制错误,您的指纹无效。如果您尝试直接从"证书管理器"对话框复制指纹,则可能会发生这种情况。它会在他们身上添加额外的角色你需要修复指纹。
For the invalid hex error, your thumbprint is invalid. This can happen if you try to copy the thumbprint directly from the Certificate Manager dialog. It puts extra characters on their. You need to fix the thumbprint.
最后,请注意我在控制台应用程序中遇到了类似的问题,其中find方法无法通过指纹找到证书。它就在那里,但它永远不会被发现。我最终不得不枚举证书,然后做一个简单的String.Compare反对
指纹找到它(不区分大小写)。我从未弄清楚为什么它不适用于Find。
Finally, note that I've run into a similar issue with a console app where the find method wouldn't find the cert by thumbprint. It was there but it would never be found. I ended up having to enumerate the certs and then do a simple String.Compare against the thumbprint to find it (case insensitive). I never did figure out why it wouldn't work with Find.