asp.net-core - 如何使用 httpClientFactory 配置证书

首先，您需要注册您HttpClient：

services.AddHttpClient("signed")
        .ConfigurePrimaryMessageHandler(() =>
        {
            var handler = new HttpClientHandler();
            var certificate = new X509Certificate2(filename: "foo.pfx", password: "123");

            handler.ClientCertificateOptions = ClientCertificateOptions.Manual;
            handler.ClientCertificates.Add(certificat);
        });

在示例中，文件foo.pfx包含密码为123的证书。 签名是 的名称HttpClient。

其次，您将调用IHttpClientFactory.CreateClient创建HttpClient实例。

public class PayClient
{
    private readonly IHttpClientFactory _httpClientFactory;

    public PayClient(IHttpClientFactory httpClientFactory)
    {
        _httpClientFactory = httpClientFactory;
    }

    public async Task SomePayMethodAsync()
    {
        using (httpClient = _httpClientFactory.CreateClient("signed"))
        {
            // use httpClient
        }
    }
}

您需要使用与的参数签名CreateClient相同的名称。

稍后更新

HttpClient如果您使用许多证书编写 SAAS，则可以在每次需要时手动创建和配置。这是最简单的方法。

public class PayClient
{
    private readonly ICurrentUserProvider _currentUserProvider;

    public PayClient(ICurrentUserProvider _currentUserProvider)
    {
        _currentUserProvider = currentUserProvider;
    }

    private HttpClient CreateHttpClient()
    {
        var currentUser = _currentUserProvider.CurrentUser;
        var filename = currentUser.CertificateFilename;
        var password = currentUser.CertificatePassword;
        var handler = new HttpClientHandler();
        var certificate = new X509Certificate2(filename, password);

        handler.ClientCertificateOptions = ClientCertificateOptions.Manual;
        handler.ClientCertificates.Add(certificat);

        return new HttpClient(handler);
    }

    public async Task SomePayMethodAsync()
    {
        using (httpClient = CreateHttpClient())
        {
            // use httpClient
        }
    }
}