如何解决IIS 网站创建 - 创建 TLS 服务器凭据时发生致命错误
我正在以编程方式在 IIS 中创建一个网站。为了添加“https”的绑定,我创建了“pfx”证书,如下所示。
public static string MakeCertFile(string folderPath)
{
//Folder Path is comething like "C\\temp\\";
var password = "AdmTo@123";
var ecdsa = ECDsa.Create(); // generate asymmetric key pair
var req = new CertificateRequest("cn=corixaz",ecdsa,HashAlgorithmName.SHA256);
var cert = req.CreateSelfSigned(DateTimeOffset.Now,DateTimeOffset.Now.AddYears(5));
var friendlyName = "corixazServercert.cer";
string filename = folderPath + "\\" + friendlyName;
string pfxFriendlyFileName = "corixazServercert.pfx";
string pfxFileName = folderPath + "\\" + pfxFriendlyFileName;
File.WriteallBytes(pfxFileName,cert.Export(X509ContentType.Pfx,password)); //X509KeyStorageFlags.MachineKeySet
File.WriteallText(filename,"-----BEGIN CERTIFICATE-----\r\n"
+ Convert.ToBase64String(cert.Export(X509ContentType.Cert),Base64FormattingOptions.InsertLineBreaks)
+ "\r\n-----END CERTIFICATE-----");
InstallCertificate(pfxFriendlyFileName,password);
return pfxFriendlyFileName;
}
InstallCertificate 方法如下-
public static void InstallCertificate(string cerFileName,string password,StoreName soreName = StoreName.My)
{
X509Certificate2 certificate = new X509Certificate2(cerFileName,password,X509KeyStorageFlags.MachineKeySet);
certificate.FriendlyName = cerFileName;
X509Store store = new X509Store(StoreName.My,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
store.Add(certificate);
store.Close();
}
public static X509Certificate2 GetValidCertFromStore(string certificateName,StoreName storeName = StoreName.My)
{
X509Store store = new X509Store(storeName,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certs = store.Certificates;
DateTime highestValidDate = DateTime.Today;
X509Certificate2 certToReturn = null;
foreach (var cert in certs)
{
if (cert.FriendlyName.Equals(certificateName))
{
if (certToReturn == null || cert.NotAfter >= highestValidDate)
{
certToReturn = cert; // we want to take the latest
}
}
}
return certToReturn;
}
public static void AddCertificatetoWebSite(Site site,string cerFileName,int port,string password)
{
X509Certificate2 certificate = GetValidCertFromStore(cerFileName);
X509Store store = new X509Store(StoreName.My,StoreLocation.LocalMachine);
var binding = site.Bindings.Add("*:443" + ":",certificate.GetCertHash(),store.Name);
binding.Protocol = "https";
store.Close();
}
在调用方法中,每当我执行“serverManager.CommitChanges()”调用时,我都会收到异常 - “发生内部错误。(0x8007054F)。”
当我查看事件日志时 - 错误是这样的 - “创建 TLS 服务器凭据时发生致命错误。内部错误状态为 10018。” 我在互联网上找不到任何与此相关的材料。 我使用的是 Windows Server 2019 和 IIS 10.0.1776
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。