[UWP]信任本地网络的自签名开发证书

人气:587 发布:2022-09-22 其他开发语言 wpdevelop

问题描述

我正在开发的UWP应用程序连接到Web API。到目前为止,我一直在一台计算机上进行调试。接下来,我现在想在我的本地网络上的多台计算机上运行它时调试应用程序。其中一台计算机运行 Web API,其他计算机必须连接到它。

我以为我可以生成(以及配置网络API并安装)在客户身上)一个新的自我签署的"发展"使用本地IP地址而不是"localhost"的证书。不幸的是,我这样做的尝试都失败了。我一直按 证书颁发机构无效或不正确例外。

IIS或Visual Studio生成的开发证书有什么特别之处,以便我的UWP应用程序信任它但是为我生成的那个引发上述异常? UWP是否硬接线为localhost接受自签名证书但拒绝所有其他自签名证书?

解决方案

您是否在自己的UWP应用中加入了自签名证书? 请参阅此 博客了解详情。如博客中所述,如果您能够在应用中包含自签名根证书,则无需绕过访问HTTPS URL的服务器证书验证错误。

In此外,您还可以通过 set 为属性 HttpbaseProtocolFilter。 ClientCertificate , 请参阅以下代码。

 HttpbaseProtocolFilter filter = new HttpbaseProtocolFilter();   //读取证书文件的内容 System.Uri certificateFile = new System.Uri(" ms-appx:/// {* .cer}");  Windows.Storage.StorageFile file = await Windows.Storage.StorageFile.GetFileFromApplicationUriAsync(certificateFile);  Windows.Storage.Streams.IBuffer certBlob = await Windows.Storage.FileIO.ReadBufferAsync(file);   //使用检索到的证书blob内容创建Certificate类的实例 Windows.Security.Cryptography.Certificates.Certificate rootCert = new Windows.Security.Cryptography.Certificates.Certificate(certBlob );   filter.ClientCertificate = rootCert;   HttpClient httpClient = new HttpClient(filter);  Uri resourceUri = new Uri(" {your http url}");  HttpResponseMessage response = await httpClient.GetAsync(resourceUri);  var content = await response.Content.ReadAsStringAsync();  

祝你好运,

罗伊

The UWP app I'm developing connects to a web API. Up until now I've been debugging on a single computer. Moving forward I'd now like to debug the app while running it on multiple computers on my local network. One of the computers runs the web API and the other computers must connect to it.

I thought I could just generate (as well as configure the web API and install on the clients) a new self-signed "development" certificate that uses the local IP address instead of `localhost`. Unfortunately my attempts at doing so have all failed. I keep hitting the The certificate authority is invalid or incorrectexception.

What's special about the development certificate that IIS or Visual Studio produces such that my UWP app trusts it but throws the above exception for the one I generate? Is UWP hardwired to accept self-signed certificates for localhost but reject all other self-signed certificates?

解决方案

Hi

Did you include the self-signed certificate with your UWP apps? Please refer to this blog for details. As mentioned in the blog if you have the capability of including self-signed root certificates with your app you do not have to bypass server certificate validation errors accessing HTTPS URLs.

In addition you can also assign the certificate for each http request by setting the property HttpbaseProtocolFilter. ClientCertificateplease refer to following code.

                HttpbaseProtocolFilter filter = new HttpbaseProtocolFilter();

                // Read the contents of the Certificate file
                System.Uri certificateFile = new System.Uri("ms-appx:///{*.cer} ");
                Windows.Storage.StorageFile file = await Windows.Storage.StorageFile.GetFileFromApplicationUriAsync(certificateFile);
                Windows.Storage.Streams.IBuffer certBlob = await Windows.Storage.FileIO.ReadBufferAsync(file);

                // Create an instance of the Certificate class using the retrieved certificate blob contents
                Windows.Security.Cryptography.Certificates.Certificate rootCert = new Windows.Security.Cryptography.Certificates.Certificate(certBlob);

                filter.ClientCertificate = rootCert;

                HttpClient httpClient = new HttpClient(filter);
                Uri resourceUri = new Uri("{your http url}");
                HttpResponseMessage response = await httpClient.GetAsync(resourceUri);
                var content = await response.Content.ReadAsStringAsync();

Best regards

Roy

473