0
我已經配置了文檔https://docs.mongodb.com/manual/core/security-x.509/ 中給出的MongoDB服務器,並且我使用mongo shell進行連接,它工作正常。無法使用c#中的x509證書認證連接到MongoDB服務器#
接下來我試圖連接到相同的服務器形式的C#驅動程序,但超時異常引發。 下面是我的代碼
var cert = new X509Certificate2(@"C:\Program Files\MongoDB\Server\3.2\ssl\client.pfx", "secretkey");
var sslcrd = MongoCredential.CreateMongoX509Credential("CN=Client1,O=School,ST=Some-State,C=IN");
settings.SslSettings = new SslSettings() ;
settings.UseSsl = true;
settings.SslSettings.ClientCertificates = new List<X509Certificate>()
{
cert
};
settings.SslSettings.EnabledSslProtocols = SslProtocols.Default;
settings.SslSettings.ClientCertificateSelectionCallback =
(sender, host, certificates, certificate, issuers) => settings.SslSettings.ClientCertificates.ToList()[0];
settings.SslSettings.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;
settings.SslSettings.CheckCertificateRevocation = false;
settings.VerifySslCertificate = false;
settings.Credentials = new[] { sslcrd };
MongoClient client = new MongoClient(settings);
var db = client.ListDatabases().ToList();
我通過MongoDB的服務器日誌去了,我能看到下面的錯誤
2017-04-10T11:18:21.559 + 0530我網[initandlisten]連接 接受自 127.0.0.1:53901#64(1個連接現在打開)2017-04-10T11:18:21.559 + 0530E NETWORK [conn64]否SSL證書 由peer提供;連接拒絕2017-04-10T11:18:21.560 + 0530我 NETWORK [conn64]端連接127.0.0.1:53901(0連接現在 開放)
我使用C#MongoDB.Driver版本2.3.0 和MongoDB包的版本是3.2。
如果您有解決上述問題,請回復。
嗨Mahdi, 我在Mongo服務器上面設置屬性,我面臨錯誤,「2017-04-10T16:09:33.171 + 0530我訪問[conn49]無法驗證CN = Client1,O = School, ST = Some-State,C = IN @ $ external with mechanism MONGODB-X509:AuthenticationFailed:沒有與用戶匹配的x.509客戶端證書。「 –
另外在mongo shell中,我們也應該在啓動時指定CA pem文件,但是在c#中我沒有指定CA pem文件(我沒有找到指定它的任何api),有沒有指定CA文件的任何api? –