The request with exception: The SSL connection could not be established, see inner exception. requestId 解决方案
查看 OPENSSLDIR 路径终极解决方案
1、查看 OPENSSLDIR 路径
$ openssl version -a
2、然后把 CentOS 默认的 openssl CA证书拷贝过来。
$ cp /etc/pki/tls/cert.pem /usr/local/openssl/
参考连接:https://lamjack.github.io/2018/05/11/centos-compile-openssl-missing-ca-bundle-crt/
忽略以下
============================================================
DOTNET CORE 部署 Centos7 抛出异常
环境变量如下:
.NET Core SDK (reflecting any global.json):
Version: 2.2.401
Commit: 729b316c13
Runtime Environment:
OS Name: centos
OS Version: 7
OS Platform: Linux
RID: centos.7-x64
Base Path: /usr/share/dotnet/sdk/2.2.401/
Host (useful for support):
Version: 2.2.6
Commit: 7dac9b1b51
.NET Core SDKs installed:
2.2.401 [/usr/share/dotnet/sdk]
.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.2.6 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download
测试代码:
using System;
using System.Diagnostics;
using System.Net.Http;
using System.Net.Http.Headers; namespace TestHttpClient
{
class Program
{
static void Main(string[] args)
{
try
{
using (var httpClient = new HttpClient())
{
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); string url = "https://jsonplaceholder.typicode.com/posts/1";
var response = httpClient.GetAsync(url).Result;
string jsonResult = response.Content.ReadAsStringAsync().Result;
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.ToString());
}
}
}
}
服务器抛出异常:
System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
……………………………………………………
OR
The remote certificate is invalid according to the validation procedure.
解决方案:
By defining the System.Net.Http.UseSocketsHttpHandler switch in the .netcore.runtimeconfig.json configuration file:
"runtimeOptions": {
"configProperties": {
"System.Net.Http.UseSocketsHttpHandler": false
}
}
=====================
以上可以解决问题,但不是根本解决
问题分析如下:
后续请参考以下:
using System;
using System.Diagnostics;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks; namespace ConsoleClientTest
{
internal class Program
{
private static async Task Main(string[] args)
{
try
{ //AppContext.SetSwitch("System.Net.Http.UseSocketsHttpHandler", false);
using (var httpClientHandler = new HttpClientHandler())
{
httpClientHandler.ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) =>
{
Console.WriteLine("\r\n\r\n===================message==================\r\n\r\n {0}", message.ToString());
Console.WriteLine("\r\n\r\n==================cert==================\r\n\r\n {0}", certificate.ToString());
Console.WriteLine("\r\n\r\n==================chain==================\r\n\r\n{0}", chain.ToString());
Console.WriteLine("\r\n\r\n==================chain status==================\r\n\r\n{0}",
chain.ChainStatus.ToString());
Console.WriteLine("\r\n\r\n==================errors==================\r\n\r\n{0}", sslPolicyErrors.ToString()); Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
Console.WriteLine($"Received certificate with subject {certificate.Subject}");
Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
Console.WriteLine($"Current policy errors: {sslPolicyErrors}");
Console.WriteLine("\r\n\r\n====================================================\r\n\r\n"); if (sslPolicyErrors == SslPolicyErrors.None)
return true;
else
{
if ((SslPolicyErrors.RemoteCertificateNameMismatch & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateNameMismatch)
{
Console.WriteLine("证书名称不匹配{0}", sslPolicyErrors);
} if ((SslPolicyErrors.RemoteCertificateChainErrors & sslPolicyErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
{ foreach (X509ChainStatus status in chain.ChainStatus)
{
Console.WriteLine("status code = {0}", status.Status);
Console.WriteLine("Status info = {0}", status.StatusInformation);
} }
Console.WriteLine("证书验证失败{0}", sslPolicyErrors);
} return false;
}; Console.WriteLine("\r\n\r\n====================================================\r\n\r\n");
using (var httpClient = new HttpClient(httpClientHandler))
{
httpClient.DefaultRequestHeaders.Accept.Add(
new MediaTypeWithQualityHeaderValue("application/json"));
const string url = "https://jsonplaceholder.typicode.com/posts/1";
using (var response = await httpClient.GetAsync(url))
{
var jsonResult = await response.Content.ReadAsStringAsync();
Console.WriteLine(jsonResult);
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
}
}
通过以上代码,打印出以下语句
Status info = unable to get local issuer certificate trustasia
回想起昨天编译Nginx,手动安装了OPENSSL,版本问题,恢复后,一切正常
The request with exception: The SSL connection could not be established, see inner exception. requestId 解决方案的更多相关文章
- NetCore HttpClient The SSL connection could not be established, see inner exception
之前遇到一个问题 https://www.cnblogs.com/leoxjy/p/10201046.html 在centos 7.x HttpClient访问会出问题 The SSL conne ...
- powercli The SSL connection could not be established, see inner exception. 问题解决
Connect-VIServer -Server 这里是"SSL连接不能建立......"这实际上意味着你没有一个有效的证书.如果你想连接到vCenter没有一个有效的证书,您必须 ...
- HttpClient SSL connection could not be established error
系统从.net framework 升级到dotnet core2.1 原先工作正常的httpclient,会报SSL connection could not be established erro ...
- Could not create SSL connection through proxy serve-svn
RA layer request failedsvn: Unable to connect to a repository at URL xxxxxx 最后:Could not create SSL ...
- Java连接MySQL Warning: Establishing SSL connection without server's identity verification is not recommended
1. 数据库 1.1 创建表 在当前数据库students中,创建数据表student: mysql> create table student( ),#学生ID ),#学生姓名 -> a ...
- MySQL 警告WARN: Establishing SSL connection without server's identity verification is not recommended.解决办法
Fri Jun 17 13:46:54 CST 2016 WARN: Establishing SSL connection without server's identity verificatio ...
- WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default i
jdbc连接数据库候,对数据进行访问,访问正常当出现如下警告: WARN: Establishing SSL connection without server's identity verifica ...
- SVN通过域名连不上服务器地址(svn: E175002: OPTIONS request failed on '/svn/yx-SVN-Server' Connection refused: connect)
用域名直连就连不上,如果换成了ip直连就可以连接上去了 https://yx-server01/svn/yx-SVN-Server 换为了 https://192.168.188.208/svn/yx ...
- C3P0 WARN: Establishing SSL connection without server's identity verification is not recommended
c3p0的出现,是为了大大提高应用程序和数据库之间访问效率的. 它的特性: 编码的简单易用 连接的复用 连接的管理 今天在配置C3p0的时候出现了这个warn 原因是因为要验证SSL Wed Se ...
随机推荐
- 测开之路三十九:js基础
js的两种使用方式 第一种使用方式:单独写js文件 在static下新建一个js文件并写入内容 alert('这是一个弹窗'); 在html文件里面,用script标签引入 <script sr ...
- appium常见问题06_如何解决uiaotomator定位工具报错
在使用uiaotomator工具定位元素过程中,经常会弹出报错,截图失败,导致无法定位元素,当遇到该问题时,解决办法如下: 方法一:拔掉手机usb连接,重新连接手机 方法二:adb杀掉手机服务,重起服 ...
- 为什么学python
一.什么是Python Python [1](英国发音:/ˈpaɪθən/ 美国发音:/ˈpaɪθɑːn/), 是一种面向对象的解释型计算机程序设计语言,由荷兰人Guido van Rossum发明. ...
- Springboot02-配置文件
配置文件读取 springboot中的配置文件都放在application.properties中,其中而k-v属性可以通过@Value("${属性名}")直接获取 @Compon ...
- [LeetCode] 181.超过经理收入的员工
Employee表包含所有员工,他们的经理也属于员工.每个员工都有一个 Id,此外还有一列对应员工的经理的 Id. +----+-------+--------+-----------+ | Id | ...
- Spark Streaming + Kafka 整合向导之createDirectStream
启动zk: zkServer.sh start 启动kafka:kafka-server-start.sh $KAFKA_HOME/config/server.properties 创建一个topic ...
- 原生AJAX的封装
/**调用AJAX ajaxPlug.openajax({ url: "./TestXHR.aspx", //请求地址 type: "POST", //请求方式 ...
- Pycharm2019版官方版本激活码,无需破解
AHD9079DKZ-eyJsaWNlbnNlSWQiOiJBSEQ5MDc5REtaIiwibGljZW5zZWVOYW1lIjoiSmV0IEdyb3VwcyIsImFzc2lnbmVlTmFtZ ...
- IDisposable实现的方法什么时候被执行的
一,以什么是GC所认为的垃圾? 不再被应用程序的root或者别的对象所引用的对象就是已经死亡的对象,即所谓的垃圾,需要被回收 二,在仓储设计中,我们都知道非托管资源的手动释放,但继承的IDisposa ...
- 数组Array的十种使用方法
第一种方法 array toString () 将数组的元素全部转换为字符串; 第二种方法 array join ("这里是分隔符") 这种方法可以把数组的元素转换为字符串,并把分 ...