The request with exception: The SSL connection could not be established, see inner exception. requestId 解决方案
查看 OPENSSLDIR 路径终极解决方案
1、查看 OPENSSLDIR 路径
$ openssl version -a
2、然后把 CentOS 默认的 openssl CA证书拷贝过来。
$ cp /etc/pki/tls/cert.pem /usr/local/openssl/
参考连接:https://lamjack.github.io/2018/05/11/centos-compile-openssl-missing-ca-bundle-crt/
忽略以下
============================================================
DOTNET CORE 部署 Centos7 抛出异常
环境变量如下:
.NET Core SDK (reflecting any global.json):
Version: 2.2.401
Commit: 729b316c13
Runtime Environment:
OS Name: centos
OS Version: 7
OS Platform: Linux
RID: centos.7-x64
Base Path: /usr/share/dotnet/sdk/2.2.401/
Host (useful for support):
Version: 2.2.6
Commit: 7dac9b1b51
.NET Core SDKs installed:
2.2.401 [/usr/share/dotnet/sdk]
.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download
测试代码:
using System;
using System.Diagnostics;
using System.Net.Http;
using System.Net.Http.Headers; namespace TestHttpClient
{
class Program
{
static void Main(string[] args)
{
try
{
using (var httpClient = new HttpClient())
{
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); string url = "https://jsonplaceholder.typicode.com/posts/1";
var response = httpClient.GetAsync(url).Result;
string jsonResult = response.Content.ReadAsStringAsync().Result;
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.ToString());
}
}
}
}
服务器抛出异常:
System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
……………………………………………………
OR
The remote certificate is invalid according to the validation procedure.
解决方案:
By defining the System.Net.Http.UseSocketsHttpHandler switch in the .netcore.runtimeconfig.json configuration file:
"runtimeOptions": {
"configProperties": {
"System.Net.Http.UseSocketsHttpHandler": false
}
}
=====================
以上可以解决问题,但不是根本解决
问题分析如下:
后续请参考以下:
using System;
using System.Diagnostics;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks; namespace ConsoleClientTest
{
internal class Program
{
private static async Task Main(string[] args)
{
try
{ //AppContext.SetSwitch("System.Net.Http.UseSocketsHttpHandler", false);
using (var httpClientHandler = new HttpClientHandler())
{
httpClientHandler.ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) =>
{
Console.WriteLine("\r\n\r\n===================message==================\r\n\r\n {0}", message.ToString());
Console.WriteLine("\r\n\r\n==================cert==================\r\n\r\n {0}", certificate.ToString());
Console.WriteLine("\r\n\r\n==================chain==================\r\n\r\n{0}", chain.ToString());
Console.WriteLine("\r\n\r\n==================chain status==================\r\n\r\n{0}",
chain.ChainStatus.ToString());
Console.WriteLine("\r\n\r\n==================errors==================\r\n\r\n{0}", sslPolicyErrors.ToString()); Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
Console.WriteLine($"Received certificate with subject {certificate.Subject}");
Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
Console.WriteLine($"Current policy errors: {sslPolicyErrors}");
Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); if (sslPolicyErrors == SslPolicyErrors.None)
return true;
else
{
if ((SslPolicyErrors.RemoteCertificateNameMismatch & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateNameMismatch)
{
Console.WriteLine("证书名称不匹配{0}", sslPolicyErrors);
} if ((SslPolicyErrors.RemoteCertificateChainErrors & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
{ foreach (X509ChainStatus status in chain.ChainStatus)
{
Console.WriteLine("status code = {0}", status.Status);
Console.WriteLine("Status info = {0}", status.StatusInformation);
} }
Console.WriteLine("证书验证失败{0}", sslPolicyErrors);
} return false;
}; Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
using (var httpClient = new HttpClient(httpClientHandler))
{
httpClient.DefaultRequestHeaders.Accept.Add(
new MediaTypeWithQualityHeaderValue("application/json"));
const string url = "https://jsonplaceholder.typicode.com/posts/1";
using (var response = await httpClient.GetAsync(url))
{
var jsonResult = await response.Content.ReadAsStringAsync();
Console.WriteLine(jsonResult);
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
}
}
通过以上代码,打印出以下语句
Status info = unable to get local issuer certificate trustasia
回想起昨天编译Nginx,手动安装了OPENSSL,版本问题,恢复后,一切正常
The request with exception: The SSL connection could not be established, see inner exception. requestId 解决方案的更多相关文章
- NetCore HttpClient The SSL connection could not be established, see inner exception
之前遇到一个问题 https://www.cnblogs.com/leoxjy/p/10201046.html 在centos 7.x HttpClient访问会出问题 The SSL conne ...
- powercli The SSL connection could not be established, see inner exception. 问题解决
Connect-VIServer -Server 这里是"SSL连接不能建立......"这实际上意味着你没有一个有效的证书.如果你想连接到vCenter没有一个有效的证书,您必须 ...
- HttpClient SSL connection could not be established error
系统从.net framework 升级到dotnet core2.1 原先工作正常的httpclient,会报SSL connection could not be established erro ...
- Could not create SSL connection through proxy serve-svn
RA layer request failedsvn: Unable to connect to a repository at URL xxxxxx 最后:Could not create SSL ...
- Java连接MySQL Warning: Establishing SSL connection without server's identity verification is not recommended
1. 数据库 1.1 创建表 在当前数据库students中,创建数据表student: mysql> create table student( ),#学生ID ),#学生姓名 -> a ...
- MySQL 警告WARN: Establishing SSL connection without server's identity verification is not recommended.解决办法
Fri Jun 17 13:46:54 CST 2016 WARN: Establishing SSL connection without server's identity verificatio ...
- WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default i
jdbc连接数据库候,对数据进行访问,访问正常当出现如下警告: WARN: Establishing SSL connection without server's identity verifica ...
- SVN通过域名连不上服务器地址(svn: E175002: OPTIONS request failed on '/svn/yx-SVN-Server' Connection refused: connect)
用域名直连就连不上,如果换成了ip直连就可以连接上去了 https://yx-server01/svn/yx-SVN-Server 换为了 https://192.168.188.208/svn/yx ...
- C3P0 WARN: Establishing SSL connection without server's identity verification is not recommended
c3p0的出现,是为了大大提高应用程序和数据库之间访问效率的. 它的特性: 编码的简单易用 连接的复用 连接的管理 今天在配置C3p0的时候出现了这个warn 原因是因为要验证SSL Wed Se ...
随机推荐
- 建站手册-网站建设:Web 安全
ylbtech-建站手册-网站建设:Web 安全 1.返回顶部 1. http://www.w3school.com.cn/site/site_security.asp 2. 2.返回顶部 1. 此刻 ...
- /proc/interrupts /proc/stat 查看中断信息
/proc/interrupts列出当前所以系统注册的中断,记录中断号,中断发生次数,中断设备名称 如下图:从左至右:中断号 中断次数 中断设备名称 从上图可知中断号为19的arch_timer ...
- OpenCV2.4.8 + CUDA7.5 + VS2013 配置
配置过程主要参考:https://initialneil.wordpress.com/2014/09/25/opencv-2-4-9-cuda-6-5-visual-studio-2013/ 1.为什 ...
- laravel 向多视图及所有视图传递数据变量
向单个视图传递变量 1.使用with()方法 : view('user.lists')->with('title',$title); 2.直接view()传参: view('user.lists ...
- Springboot02-配置文件
配置文件读取 springboot中的配置文件都放在application.properties中,其中而k-v属性可以通过@Value("${属性名}")直接获取 @Compon ...
- python删除某一行
整理了网络上的一些方法,一般有两种方法:第一种:是先把文件读入内存,在内存中修改后再写入源文件. 例子:将内容包含“123”的所有行删去: with open('C:/Users/lai/Deskto ...
- 二、python基础之列表、元组
一.列表 列表的概念: 列表由一系列按特定顺序排列的元素组成.你可以创建包含字母表中所有字母.数字0-9或所有家庭成员姓名的列表:也可以将任何东西加入列表中,其中的元素之间没有任何关系.鉴于列表通常包 ...
- 45-python基础-python3-字符串-常用字符串方法(三)-startswith()-endswith()
4-字符串方法 startswith()和 endswith() startswith()和 endswith()判断字符串是否以某个字符串开始或结尾,存在返回 True,否则,方法返回 False. ...
- go 发送http请求
普通的get请求 package main import ( "io/ioutil" "fmt" "net/http" ) func mai ...
- 同步任务 AsyncTask 介绍
AsyncTask 顾名思义,是在我们需要执行同步任务的时候使用,这个类可以做一些后台操作,然后将结果返回的UI来,因为这个类本身封装了Handler和Thread,所以我们不需要直接去操作这两个类, ...