我正在处理窗口服务,我需要调用使用 x509 证书类型安全性进行身份验证的 Web 服务。
现在,我通过导入.pfx和.crt文件然后在系统上导出.cer文件,在我的系统上生成了.cer文件。我在VS2015中使用它与Web服务进行通信。
它工作正常。然后,如果我创建安装程序并在同一系统上安装,但在下面给出错误。其错误由 Web 服务返回
"error_name" : "authentication_failure",
"error_advice" : "Your identity could not be authenticated. This may mean that your request was not accompanied with your Client Certificate, or your software does not have access to your Private Key in order to encrypt messages correctly. Please check your software's configuration and associated file permissions for both your Client Certificate and Private Key. In addition, please check that your software supports secure connections using TLS 1.2 or higher."
早些时候,当我尝试在Visual Studio中进行调试并且它工作正常时,我使用以下代码加载.cer
X509Certificate certificate = X509Certificate.CreateFromCertFile(ConfigurationManager.AppSettings["CertificateFilePath"].ToString());
和在应用程序中
配置中<add key="CertificateFilePath" value="E:ZooplaCertstestzooplasandbox_cert.cer"/>
现在,当我创建安装程序并安装和运行窗口服务时,出现上述错误
我尝试将代码更改为下面
var certificate = new X509Certificate2(ConfigurationManager.AppSettings["CertificateFilePath"].ToString(), string.Empty, X509KeyStorageFlags.MachineKeySet);
但仍然得到同样的错误。然后我尝试从服务中更改Log On Type并选择Local System Account但仍然相同的错误
尝试通过安装运行窗口服务时收到错误
"error_name" : "authentication_failure",
"error_advice" : "Your identity could not be authenticated. This may mean that your request was not accompanied with your Client Certificate, or your software does not have access to your Private Key in order to encrypt messages correctly. Please check your software's configuration and associated file permissions for both your Client Certificate and Private Key. In addition, please check that your software supports secure connections using TLS 1.2 or higher."
我现在一切正常 当我尝试从.pfx为本地系统帐户创建一个新的.cer文件并将窗口服务登录选项设置为本地系统