SslStream 构造函数

定义

初始化 SslStream 类的新实例。

重载

SslStream(Stream)

使用指定的 Stream 初始化 SslStream 类的新实例。

SslStream(Stream, Boolean)

使用指定的 Stream 和流关闭行为初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback)

使用指定的 Stream、流关闭行为和证书验证委托初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)

使用指定的 Stream、流关闭行为、证书验证委托和证书选择委托初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)

使用指定的 Stream 初始化 SslStream 类的新实例。

注解

若要防止 SslStream 关闭所提供的流,请使用带 leaveInnerStreamOpen 参数的 SslStream 构造函数(例如 SslStream(Stream, Boolean))。

SslStream(Stream)

Source:
SslStream.cs
Source:
SslStream.cs
Source:
SslStream.cs

使用指定的 Stream 初始化 SslStream 类的新实例。

public:
 SslStream(System::IO::Stream ^ innerStream);
public SslStream (System.IO.Stream innerStream);
new System.Net.Security.SslStream : System.IO.Stream -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream)

参数

innerStream
Stream

一个 Stream 对象,SslStream 使用此对象发送和接收数据。

例外

innerStream 不可读。

innerStream 不可写。

innerStream 为 null。

innerStream 等于 Stream.Null。

注解

如果未在配置文件中为加密策略指定值,则所构造的 SslStream 实例的 EncryptionPolicy 默认为 EncryptionPolicy.RequireEncryption。

当加密策略设置为 EncryptionPolicy.NoEncryption 时,必须使用 Null 加密算法(null cipher,即不对数据进行加密)。

适用于

SslStream(Stream, Boolean)

Source:
SslStream.cs
Source:
SslStream.cs
Source:
SslStream.cs

使用指定的 Stream 和流关闭行为初始化 SslStream 类的新实例。

public:
 SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen);
new System.Net.Security.SslStream : System.IO.Stream * bool -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean)

参数

innerStream
Stream

一个 Stream 对象,SslStream 使用此对象发送和接收数据。

leaveInnerStreamOpen
Boolean

一个布尔值,指示 SslStream 用来发送和接收数据的 Stream 对象的关闭行为。 此参数指示内部流是否保持打开状态。

例外

innerStream 不可读。

innerStream 不可写。

innerStream 为 null。

innerStream 等于 Stream.Null。

示例

下面的代码示例演示如何调用此构造函数。

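// Serves one accepted TCP client: wraps the client's network stream in an
// SslStream, performs the server side of the handshake, reads one message,
// sends one reply and closes the connection.
// Exceptions other than AuthenticationException are not caught here; they
// propagate to the caller after the finally block has closed the streams.
static void ProcessClient( TcpClient^ client )
{
   // A client has connected. Create the SslStream using the client's
   // network stream. leaveInnerStreamOpen is false, so closing the
   // SslStream also closes that network stream.
   SslStream^ sslStream = gcnew SslStream( client->GetStream(),false );

   try
   {
      // Authenticate the server but don't require the client to authenticate.
      // false == no client cert required; true == check cert revocation.
      // Because no client certificate is required, the peer is not
      // identified by this handshake; any client authentication has to
      // happen at the application level.
      sslStream->AuthenticateAsServer( serverCertificate, false, true );

      // Display the properties and settings for the authenticated stream.
      DisplaySecurityLevel( sslStream );
      DisplaySecurityServices( sslStream );
      DisplayCertificateInformation( sslStream );
      DisplayStreamProperties( sslStream );

      // Set timeouts for the read and write to 5 seconds.
      // NOTE(review): these are assigned only after AuthenticateAsServer has
      // returned, so they do not bound the handshake above - confirm whether
      // a handshake timeout is configured elsewhere.
      sslStream->ReadTimeout = 5000;
      sslStream->WriteTimeout = 5000;

      // Read a message from the client.
      Console::WriteLine( L"Waiting for client message..." );
      String^ messageData = ReadMessage( sslStream );
      Console::WriteLine( L"Received: {0}", messageData );

      // Write a message to the client.
      array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the server.<EOF>" );
      Console::WriteLine( L"Sending hello message." );
      sslStream->Write( message );
   }
   catch ( AuthenticationException^ e )
   {
      Console::WriteLine( L"Exception: {0}", e->Message );
      if ( e->InnerException != nullptr )
      {
         Console::WriteLine( L"Inner exception: {0}", e->InnerException->Message );
      }
      Console::WriteLine( L"Authentication failed - closing the connection." );
      // No Close() calls here: the finally block below also runs on this
      // path and releases both objects exactly once.
      return;
   }
   finally
   {
      // The client stream will be closed with the sslStream
      // because we specified this behavior when creating
      // the sslStream.
      sslStream->Close();
      client->Close();
   }

}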
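// Serves one accepted TCP client: wraps the client's network stream in an
// SslStream, performs the server side of the handshake, reads one message,
// sends one reply and closes the connection.
// Exceptions other than AuthenticationException are not caught here; they
// propagate to the caller after the finally block has closed the streams.
static void ProcessClient (TcpClient client)
{
    // A client has connected. Create the SslStream using the client's
    // network stream. leaveInnerStreamOpen is false, so closing the
    // SslStream also closes that network stream.
    SslStream sslStream = new SslStream(
        client.GetStream(), false);
    try
    {
        // Authenticate the server but don't require the client to authenticate.
        // Because no client certificate is required, the peer is not
        // identified by this handshake; any client authentication has to
        // happen at the application level.
        sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);

        // Display the properties and settings for the authenticated stream.
        DisplaySecurityLevel(sslStream);
        DisplaySecurityServices(sslStream);
        DisplayCertificateInformation(sslStream);
        DisplayStreamProperties(sslStream);

        // Set timeouts for the read and write to 5 seconds.
        // NOTE(review): these are assigned only after AuthenticateAsServer has
        // returned, so they do not bound the handshake above - confirm whether
        // a handshake timeout is configured elsewhere.
        sslStream.ReadTimeout = 5000;
        sslStream.WriteTimeout = 5000;

        // Read a message from the client.
        Console.WriteLine("Waiting for client message...");
        string messageData = ReadMessage(sslStream);
        Console.WriteLine("Received: {0}", messageData);

        // Write a message to the client.
        byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
        Console.WriteLine("Sending hello message.");
        sslStream.Write(message);
    }
    catch (AuthenticationException e)
    {
        Console.WriteLine("Exception: {0}", e.Message);
        if (e.InnerException != null)
        {
            Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
        }
        Console.WriteLine ("Authentication failed - closing the connection.");
        // No Close() calls here: the finally block below also runs on this
        // path and releases both objects exactly once.
        return;
    }
    finally
    {
        // The client stream will be closed with the sslStream
        // because we specified this behavior when creating
        // the sslStream.
        sslStream.Close();
        client.Close();
    }
}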
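' Serves one accepted TCP client: wraps the client's network stream in an
' SslStream, performs the server side of the handshake, reads one message,
' sends one reply and closes the connection.
' Exceptions other than AuthenticationException are not caught here; they
' propagate to the caller after the Finally block has closed the streams.
Private Shared Sub ProcessClient(client As TcpClient)
    ' A client has connected. Create the SslStream using the client's
    ' network stream. leaveInnerStreamOpen is False, so closing the
    ' SslStream also closes that network stream.
    Dim sslStream = New SslStream(client.GetStream(), False)

    Try
        ' Authenticate the server but don't require the client to authenticate.
        ' Because no client certificate is required, the peer is not
        ' identified by this handshake; any client authentication has to
        ' happen at the application level.
        sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)

        ' Display the properties and settings for the authenticated stream.
        DisplaySecurityLevel(sslStream)
        DisplaySecurityServices(sslStream)
        DisplayCertificateInformation(sslStream)
        DisplayStreamProperties(sslStream)

        ' Set timeouts for the read and write to 5 seconds.
        ' NOTE(review): these are assigned only after AuthenticateAsServer has
        ' returned, so they do not bound the handshake above - confirm whether
        ' a handshake timeout is configured elsewhere.
        sslStream.ReadTimeout = 5000
        sslStream.WriteTimeout = 5000

        ' Read a message from the client.
        Console.WriteLine("Waiting for client message...")
        Dim messageData As String = ReadMessage(sslStream)
        Console.WriteLine("Received: {0}", messageData)

        ' Write a message to the client.
        Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
        Console.WriteLine("Sending hello message.")
        sslStream.Write(message)
    Catch e As AuthenticationException
        Console.WriteLine("Exception: {0}", e.Message)

        If e.InnerException IsNot Nothing Then
            Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
        End If

        Console.WriteLine("Authentication failed - closing the connection.")
        ' No Close() calls here: the Finally block below also runs on this
        ' path and releases both objects exactly once.
        Return
    Finally
        ' The client stream will be closed with the sslStream
        ' because we specified this behavior when creating
        ' the sslStream.
        sslStream.Close()
        client.Close()
    End Try
End Sub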

注解

为 leaveInnerStreamOpen 参数指定 true 时,关闭 SslStream 不会影响 innerStream 流;不再需要 innerStream 时,必须显式将其关闭。

如果未在配置文件中为加密策略指定值,则所构造的 SslStream 实例的 EncryptionPolicy 默认为 EncryptionPolicy.RequireEncryption。

当加密策略设置为 EncryptionPolicy.NoEncryption 时,必须使用 Null 加密算法(null cipher,即不对数据进行加密)。

适用于

SslStream(Stream, Boolean, RemoteCertificateValidationCallback)

Source:
SslStream.cs
Source:
SslStream.cs
Source:
SslStream.cs

使用指定的 Stream、流关闭行为和证书验证委托初始化 SslStream 类的新实例。

public:
 SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback)

参数

innerStream
Stream

一个 Stream 对象,SslStream 使用此对象发送和接收数据。

leaveInnerStreamOpen
Boolean

一个布尔值,指示 SslStream 用来发送和接收数据的 Stream 对象的关闭行为。 此参数指示内部流是否保持打开状态。

userCertificateValidationCallback
RemoteCertificateValidationCallback

RemoteCertificateValidationCallback 委托,负责验证远程方提供的证书。

例外

innerStream 不可读。

innerStream 不可写。

innerStream 为 null。

innerStream 等于 Stream.Null。

示例

下面的代码示例创建 SslStream 并启动身份验证的客户端部分。

// Excerpt: client side of the handshake. machineName, serverName and
// ValidateServerCertificate come from parts of the sample not shown here.

// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient^ client = gcnew TcpClient(machineName, 5000);
Console::WriteLine("Client connected.");
  
// Create an SSL stream that will close the client's stream
// (leaveInnerStreamOpen is false).
// The return value of ValidateServerCertificate decides whether
// authentication succeeds, so it must return false for any certificate
// error the application does not explicitly accept.
// The fourth argument (nullptr) supplies no local certificate selection
// callback.
SslStream^ sslStream = gcnew SslStream(
    client->GetStream(), false,
    gcnew RemoteCertificateValidationCallback(ValidateServerCertificate),
    nullptr);
  
// The server name must match the name
// on the server certificate.
try
{
    sslStream->AuthenticateAsClient(serverName);
}
catch (AuthenticationException^ ex) 
{
    Console::WriteLine("Exception: {0}", ex->Message);
    if (ex->InnerException != nullptr)
    {
        Console::WriteLine("Inner exception: {0}", 
            ex->InnerException->Message);
    }

    // Authentication failed: release both objects and stop without
    // sending any application data.
    Console::WriteLine("Authentication failed - "
        "closing the connection.");
    sslStream->Close();
    client->Close();
    return;
}
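// Excerpt: client side of the handshake. machineName, serverName and
// ValidateServerCertificate come from parts of the sample not shown here.

// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream
// (leaveInnerStreamOpen is false).
// The return value of ValidateServerCertificate decides whether
// authentication succeeds, so it must return false for any certificate
// error the application does not explicitly accept.
// The fourth argument (null) supplies no local certificate selection callback.
SslStream sslStream = new SslStream(
    client.GetStream(),
    false,
    new RemoteCertificateValidationCallback (ValidateServerCertificate),
    null
    );
// The server name must match the name on the server certificate.
try
{
    sslStream.AuthenticateAsClient(serverName);
}
catch (AuthenticationException e)
{
    Console.WriteLine("Exception: {0}", e.Message);
    if (e.InnerException != null)
    {
        Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
    }
    Console.WriteLine ("Authentication failed - closing the connection.");
    // Release the SslStream as well as the socket, matching the C++
    // listing of this sample; no application data is sent on this path.
    sslStream.Close();
    client.Close();
    return;
}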
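' Excerpt: client side of the handshake. machineName, serverName and
' ValidateServerCertificate come from parts of the sample not shown here.

' Create a TCP/IP client socket.
' machineName is the host running the server application.
Dim client = New TcpClient(machineName, 5000)
Console.WriteLine("Client connected.")

' Create an SSL stream that will close the client's stream
' (leaveInnerStreamOpen is False).
' The return value of ValidateServerCertificate decides whether
' authentication succeeds, so it must return False for any certificate
' error the application does not explicitly accept.
' The fourth argument (Nothing) supplies no local certificate selection callback.
Dim sslStream = New SslStream(
    client.GetStream(), False, 
    New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)

' The server name must match the name on the server certificate.
Try
    sslStream.AuthenticateAsClient(serverName)
Catch e As AuthenticationException
    Console.WriteLine("Exception: {0}", e.Message)

    If e.InnerException IsNot Nothing Then
        Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
    End If

    Console.WriteLine("Authentication failed - closing the connection.")
    ' Release the SslStream as well as the socket, matching the C++
    ' listing of this sample; no application data is sent on this path.
    sslStream.Close()
    client.Close()
    Return
End Try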

注解

为 leaveInnerStreamOpen 参数指定 true 时,关闭 SslStream 不会影响 innerStream 流;不再需要 innerStream 时,必须显式将其关闭。

userCertificateValidationCallback 委托的 certificateErrors 参数包含通道安全支持提供程序接口 (SSPI) 返回的任何 Windows 错误代码。 userCertificateValidationCallback 委托所调用方法的返回值决定身份验证是否成功。

调用 userCertificateValidationCallback 委托的方法时,安全协议和加密算法已经选定。 可以在该方法中判断所选的加密算法和强度是否足以满足应用程序的需求。 如果不满足,该方法应返回 false,以阻止创建 SslStream。

如果未在配置文件中为加密策略指定值,则所构造的 SslStream 实例的 EncryptionPolicy 默认为 EncryptionPolicy.RequireEncryption。

当加密策略设置为 EncryptionPolicy.NoEncryption 时,必须使用 Null 加密算法(null cipher,即不对数据进行加密)。

注意

.NET 在创建 SSL 会话时缓存这些会话,并尽可能将缓存的会话重用于后续请求。 尝试重用 SSL 会话时,Framework 会使用身份验证期间提供的 X509Certificate2Collection 的第一个元素(如果有);如果证书集合为空,则尝试重用匿名会话。

注意

SSL 版本 2 协议不支持客户端证书。

适用于

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)

Source:
SslStream.cs
Source:
SslStream.cs
Source:
SslStream.cs

使用指定的 Stream、流关闭行为、证书验证委托和证书选择委托初始化 SslStream 类的新实例。

public:
 SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback)

参数

innerStream
Stream

一个 Stream 对象,SslStream 使用此对象发送和接收数据。

leaveInnerStreamOpen
Boolean

一个布尔值,指示 SslStream 用来发送和接收数据的 Stream 对象的关闭行为。 此参数指示内部流是否保持打开状态。

userCertificateValidationCallback
RemoteCertificateValidationCallback

RemoteCertificateValidationCallback 委托,负责验证远程方提供的证书。

userCertificateSelectionCallback
LocalCertificateSelectionCallback

LocalCertificateSelectionCallback 委托,负责选择用于身份验证的证书。

例外

innerStream 不可读。

innerStream 不可写。

innerStream 为 null。

innerStream 等于 Stream.Null。

示例

下面的代码示例演示如何调用此构造函数。 此示例是为 SslStream 类提供的更大示例的一部分。

// Excerpt: args, serverName, ValidateServerCertificate and
// SelectLocalCertificate come from parts of the sample not shown here.

// Server name must match the host name and the name on the host's certificate.
serverName = args[ 1 ];

// Create a TCP/IP client socket.
TcpClient^ client = gcnew TcpClient( serverName,5000 );
Console::WriteLine( L"Client connected." );

// Create an SSL stream that will close the client's stream
// (leaveInnerStreamOpen is false).
// The return value of ValidateServerCertificate decides whether
// authentication succeeds, so it must return false for any certificate
// error the application does not explicitly accept.
// SelectLocalCertificate chooses the local certificate used for
// authentication.
SslStream^ sslStream = gcnew SslStream( 
    client->GetStream(),
    false,
    gcnew RemoteCertificateValidationCallback( ValidateServerCertificate ),
    gcnew LocalCertificateSelectionCallback( SelectLocalCertificate ) );
// Excerpt: args, serverName, ValidateServerCertificate and
// SelectLocalCertificate come from parts of the sample not shown here.

// Server name must match the host name and the name on the host's certificate.
serverName = args[0];
// Create a TCP/IP client socket.
TcpClient client = new TcpClient(serverName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream
// (leaveInnerStreamOpen is false).
// The return value of ValidateServerCertificate decides whether
// authentication succeeds, so it must return false for any certificate
// error the application does not explicitly accept.
// SelectLocalCertificate chooses the local certificate used for
// authentication.
SslStream sslStream = new SslStream(
    client.GetStream(),
    false,
    new RemoteCertificateValidationCallback (ValidateServerCertificate),
    new LocalCertificateSelectionCallback(SelectLocalCertificate)
    );
' Excerpt: args, serverName, ValidateServerCertificate and
' SelectLocalCertificate come from parts of the sample not shown here.

' Server name must match the host name and the name on the host's certificate.
serverName = args(0)
' Create a TCP/IP client socket.
Dim client As New TcpClient(serverName, 5000)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream
' (leaveInnerStreamOpen is False).
' The return value of ValidateServerCertificate decides whether
' authentication succeeds, so it must return False for any certificate
' error the application does not explicitly accept.
' SelectLocalCertificate chooses the local certificate used for
' authentication.
Dim sslStream As New SslStream(
    client.GetStream(), False, 
    New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), 
    New LocalCertificateSelectionCallback(AddressOf SelectLocalCertificate))

注解

为 leaveInnerStreamOpen 参数指定 true 时,关闭 SslStream 不会影响 innerStream 流;不再需要 innerStream 时,必须显式将其关闭。

userCertificateValidationCallback 委托的 certificateErrors 参数包含通道安全支持提供程序接口 (SSPI) 返回的任何 Windows 错误代码。 userCertificateValidationCallback 委托所调用方法的返回值决定身份验证是否成功。

调用 userCertificateValidationCallback 委托的方法时,安全协议和加密算法已经选定。 可以在该方法中判断所选的加密算法和强度是否足以满足应用程序的需求。 如果不满足,该方法应返回 false,以阻止创建 SslStream。

当应用程序具有多个证书并且必须动态选择证书时,userCertificateSelectionCallback 委托非常有用。 “MY”存储中的证书将传递给委托调用的方法。

如果未在配置文件中为加密策略指定值,则所构造的 SslStream 实例的 EncryptionPolicy 默认为 EncryptionPolicy.RequireEncryption。

当加密策略设置为 EncryptionPolicy.NoEncryption 时,必须使用 Null 加密算法(null cipher,即不对数据进行加密)。

注意

.NET 在创建 SSL 会话时缓存这些会话,并尽可能将缓存的会话重用于后续请求。 尝试重用 SSL 会话时,Framework 会使用身份验证期间提供的 X509Certificate2Collection 的第一个元素(如果有);如果证书集合为空,则尝试重用匿名会话。

适用于

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)

Source:
SslStream.IO.cs
Source:
SslStream.cs
Source:
SslStream.cs

使用指定的 Stream 初始化 SslStream 类的新实例。

public:
 SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback, System::Net::Security::EncryptionPolicy encryptionPolicy);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback * System.Net.Security.EncryptionPolicy -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback, encryptionPolicy As EncryptionPolicy)

参数

innerStream
Stream

一个 Stream 对象,SslStream 使用此对象发送和接收数据。

leaveInnerStreamOpen
Boolean

一个布尔值,指示 SslStream 用来发送和接收数据的 Stream 对象的关闭行为。 此参数指示内部流是否保持打开状态。

userCertificateValidationCallback
RemoteCertificateValidationCallback

RemoteCertificateValidationCallback 委托,负责验证远程方提供的证书。

userCertificateSelectionCallback
LocalCertificateSelectionCallback

LocalCertificateSelectionCallback 委托,负责选择用于身份验证的证书。

encryptionPolicy
EncryptionPolicy

要使用的 EncryptionPolicy

例外

innerStream 不可读。

innerStream 不可写。

encryptionPolicy 无效。

innerStream 为 null。

innerStream 等于 Stream.Null。

注解

当 encryptionPolicy 参数设置为 EncryptionPolicy.NoEncryption 时,必须使用 Null 加密算法(null cipher,即不对数据进行加密)。

适用于