我很难找到解决方法,因为该问题仅在Azure Linux应用程序服务中发生。本地(win10)和Azure Windows应用程序服务中,都没有问题。
该应用程序是ASP.NET Core 3.1,并且我已经将自定义服务创建为HttpClient:
private readonly HttpClient _client;
public NpiapiService(HttpClient client)
{
_client = client;
_client.BaseAddress = new Uri("https://npiregistry.cms.hhs.gov/api/");
}
public class AllowCertsMessageHandler : HttpClientHandler
{
public AllowCertsMessageHandler()
{
this.ClientCertificateOptions = ClientCertificateOption.Manual;
this.ServerCertificateCustomValidationCallback = (requestMessage,cert,certChain,policyErrors) =>
{
return true;
};
}
}
public async Task<NPIResult> LoadNPI(string npi)
{
var response = await _client.Getasync(new Uri($"?version=2.1&number={npi}",UriKind.Relative),HttpCompletionOption.ResponseContentRead);
if (response.IsSuccessStatusCode)
{
var rawstring = await response.Content.ReadAsStringAsync();
return System.Text.Json.JsonSerializer.Deserialize<NPIResult>(rawstring);
}
return null;
}
请注意AllowCertsMessageHandler
:我将其添加为希望的解决方法,但无济于事。
services.AddHttpClient<Services.NpiapiService>()
.ConfigurePrimaryHttpMessageHandler(() =>
{
return new HttpClientHandler()
{
ClientCertificateOptions = ClientCertificateOption.Manual,ServerCertificateCustomValidationCallback = (requestMessage,policyErrors) =>
{
return true;
}
};
});
上面的代码在我尝试过的所有地方都可以正常工作,除了在Azure Linux App Service中特别适用。
我也尝试过对openssl.conf进行一些更改,但似乎没有任何改变。 这是我第一次尝试与x平台兼容的应用程序,因此我仍在学习。
我很确定这与环境有关,但是我欢迎任何建议。 预先感谢... 堆栈异常跟踪:
2020-06-10T19:18:31.232053228Z: [INFO] [40m[32minfo[39m[22m[49m: System.Net.Http.HttpClient.NpiapiService.LogicalHandler[100]
2020-06-10T19:18:31.232121130Z: [INFO] Start processing HTTP request GET https://npiregistry.cms.hhs.gov/api/?version=2.1&number=1316923212
2020-06-10T19:18:31.233564068Z: [INFO] [40m[32minfo[39m[22m[49m: System.Net.Http.HttpClient.NpiapiService.ClientHandler[100]
2020-06-10T19:18:31.233584268Z: [INFO] Sending HTTP request GET https://npiregistry.cms.hhs.gov/api/?version=2.1&number=1316923212
2020-06-10T19:18:31.387040818Z: [INFO] [41m[30mfail[39m[22m[49m: microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
2020-06-10T19:18:31.387088119Z: [INFO] An unhandled exception has occurred while executing the request.
2020-06-10T19:18:31.388164847Z: [INFO] System.Net.Http.HttpRequestException: **The SSL connection could not be established,see inner exception.**
2020-06-10T19:18:31.388184048Z: [INFO] ---> system.security.Authentication.AuthenticationException: **Authentication failed,see inner exception.**
2020-06-10T19:18:31.388194148Z: [INFO] ---> Interop+OpenSsl+SslException: **SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.**
2020-06-10T19:18:31.389275477Z: [INFO] ---> Interop+Crypto+OpenSslCryptographicException: **error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small**
2020-06-10T19:18:31.389293777Z: [INFO] --- End of inner exception stack trace ---
2020-06-10T19:18:31.394673519Z: [INFO] at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context,Byte[] recvBuf,Int32 recvOffset,Int32 recvCount,Byte[]& sendBuf,Int32& sendCount)
2020-06-10T19:18:31.394697020Z: [INFO] at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential,SafeDeleteContext& context,ArraySegment`1 inputBuffer,Byte[]& outputBuffer,SslAuthenticationOptions sslAuthenticationOptions)
2020-06-10T19:18:31.394708120Z: [INFO] --- End of inner exception stack trace ---