如何使用单声道解决 OSX 上的 SecureChannelFailure

How do I resolve SecureChannelFailure on OSX with mono(如何使用单声道解决 OSX 上的 SecureChannelFailure)

本文介绍了如何使用单声道解决 OSX 上的 SecureChannelFailure的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试访问

如果你得到一个 HttpRequestException:

错误:TrustFailure(Ssl 错误:1000007d:SSL 例程:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED)--->Mono.Btls.MonoBtlsException

<块引用>

这意味着您没有新格式的证书.运行工具btls-cert-sync"将现有的根证书转换为新的文件格式.如果btls-cert-sync"报错The Old Trust Store does not exist",你首先需要告诉Mono如何找到这些证书,这个页面描述了如何去做:

I'm trying to access https://geocoder.cit.api.here.com with .NET (F#) on mono. I'm using the Http helper from FSharp.Data using the following code:

let baseUrl = "https://geocoder.cit.api.here.com/6.2/geocode.json?searchtext=1701%20McFarland%20Blvd%20E%20Tuscaloosa%09%20AL&app_id=<Some app id>&app_code=<Some app code>"

let res = Http.RequestString(baseUrl)

Running this for me on OSX Sierra (10.12.2) with mono version 4.6.2 yields a SecureChannelFailure. How do I resolve this? I have tried mozroots --import --ask-remove but that didn't help. There are certs in ~/.config/.mono/certs/Trust.

I have even tried to bypass the check, since I'm just investigating the API, but that doesn't work either. The way I tried to bypass it is:

let callback = Security.RemoteCertificateValidationCallback(fun _ _ _ _ -> true)
ServicePointManager.ServerCertificateValidationCallback <- callback

解决方案

Using Mono 4.8+ you can assign the environment variable MONO_TLS_PROVIDER to btls before running your CIL-based .exe:

export MONO_TLS_PROVIDER=btls
mono someFSharpAssembly.exe

On via Xamarin Studio / Visual Studio for Mac assign it to a Run configuration:

If you then get an HttpRequestException:

Error: TrustFailure (Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED) ---> Mono.Btls.MonoBtlsException

It means that you do not have the certificates in the new format. Run the tool "btls-cert-sync" to convert your existing root certificates into the new file format. If "btls-cert-sync" complains that "The Old Trust Store does not exist", you first need to tell Mono how to find these certificates, this page describes how to do it:

这篇关于如何使用单声道解决 OSX 上的 SecureChannelFailure的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本文标题为:如何使用单声道解决 OSX 上的 SecureChannelFailure

基础教程推荐