c# - 无法识别提供给包的凭证:AWS IoT 和 WebAPI 应用程序托管在 IIS 上
问题描述
根据 AWS 文档,AWS IoT 核心的证书和策略是正确的,并且在 EC2 实例上的控制台应用程序中一切正常。当在 IIS(Web api)上部署相同的代码时,它会引发异常,指出“无法识别提供给包的凭据”
var CaCert = X509Certificate.CreateFromCertFile(Path.Combine(basefolderPath,"IoTCertificates", "AmazonRootCA1.crt"));
var ClientCert = new X509Certificate2(Path.Combine(basefolderPath, "IoTCertificates", "xxx.pfx"), "xxxxx");
string ClientId = Guid.NewGuid().ToString();
var IotClient = new MqttClient(iotendpoint, 8883, true, CaCert, ClientCert, MqttSslProtocols.TLSv1_2);
IotClient.MqttMsgPublishReceived += Client_MqttMsgPublishReceived;
IotClient.MqttMsgSubscribed += Client_MqttMsgSubscribed;
IotClient.Connect(ClientId);
Console.WriteLine("Connected");
错误日志如下:
{"ClassName":"uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException","Message":"异常连接到代理","Data":null,"InnerException":{"NativeErrorCode":-2146893043,"ClassName" :"System.ComponentModel.Win32Exception","Message":"提供给包的凭据无法识别","Data":null,"InnerException":null,"HelpURL":null,"StackTraceString":" 在系统.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)\r\n 在 System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential&secureCredential)\r\n 在 System.Net.Security .SecureChannel。AcquireClientCredentials(Byte[]& thumbPrint)\r\n at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)\r\n at System.Net.Security .SecureChannel.NextMessage(Byte[] 传入,Int32 偏移量,Int32 计数)\r\n 在 System.Net.Security.SslState.StartSendBlob(Byte[] 传入,Int32 计数,AsyncProtocolRequest asyncRequest)\r\n 在 System.Net .Security.SslState.ProcessReceivedBlob(Byte[] 缓冲区,Int32 计数,AsyncProtocolRequest asyncRequest)\r\n 在 System.Net.Security.SslState.StartReceiveBlob(Byte[] 缓冲区,AsyncProtocolRequest asyncRequest)\r\n 在 System.Net。 Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)\r\n at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer,AsyncProtocolRequest asyncRequest)\r\n 在 System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResultlazyResult)\r\n 在 c:\Users\ppatierno\Source\Repos\m2mqtt 中的 uPLibrary.Networking.M2Mqtt.MqttNetworkChannel.Connect() \M2Mqtt\Net\MqttNetworkChannel.cs:第 266 行\r\n 在 uPLibrary.Networking.M2Mqtt.MqttClient.Connect(String clientId, String username, String password, Boolean willRetain, Byte willQosLevel, Boolean willFlag, String willTopic, String willMessage, c:\Users\ppatierno\Source\Repos\m2mqtt\M2Mqtt\MqttClient.cs:line 556","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":"8\nAcquireCredentialsHandle 中的布尔 cleanSession,UInt16 keepAlivePeriod) \n系统,版本=4.0.0.0,文化=中性,PublicKeyToken=b77a5c561934e089\nSystem.Net.SSPIWrapper\nSystem.Net。SafeFreeCredentials AcquireCredentialsHandle(System.Net.SSPIInterface, System.String, System.Net.CredentialUse, System.Net.SecureCredential)","HResult":-2147467259,"Source":"System","WatsonBuckets":null}," HelpURL":null,"StackTraceString":" at uPLibrary.Networking.M2Mqtt.MqttClient.Connect(String clientId, String username, String password, Boolean willRetain, Byte willQosLevel, Boolean willFlag, String willTopic, String willMessage, Boolean cleanSession, UInt16 keepAlivePeriod ) 在 c:\Users\ppatierno\Source\Repos\m2mqtt\M2Mqtt\MqttClient.cs:line 560\r\n ","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":"8\nConnect\ nM2Mqtt.Net,版本=4.3.0.0,文化=中性,PublicKeyToken=null\nuPLibrary.Networking.M2Mqtt。MqttClient\nByte Connect(System.String, System.String, System.String, Boolean, Byte, Boolean, System.String, System.String, Boolean, UInt16)","HResult":-2146233088,"Source":"M2Mqtt .Net","WatsonBuckets":null}
解决方案
推荐阅读
- web-crawler - 使用 Stormcrawler 爬取特定子目录
- javascript - D3.js 惯性拖动
- swift - 为什么在用于 OpenGL 纹理的 CGContext 上调用绘图函数时出现 BAD_ACCESS 错误?
- javascript - JavaScript 窗口卸载不工作 [Vanilla Javascript]
- android - 使用 WireMockRule 运行 Android UI 测试时出现 java.lang.NoClassDefFoundError
- javascript - 如何在更新表单时发送有限字段
- api - XSLT 1.0 将元素添加到多个匹配项
- oauth-2.0 - 带有 oauth2-google 的 PHPMailer 是否使用 get_oauth_token
- android - cardview的recycleview不起作用。我该如何解决?
- javascript - 如何获取用户输入的访问权限并在我的后端服务器上计算某些内容?