SslStream 构造函数
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
初始化 SslStream 类的新实例。
重载
注解
若要防止 SslStream 关闭你提供的流,请使用 SslStream 构造函数。
SslStream(Stream)
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream);public SslStream(System.IO.Stream innerStream);new System.Net.Security.SslStream : System.IO.Stream -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream)参数
例外
注解
如果未在配置文件中为加密策略指定值,则
当加密策略设置为 EncryptionPolicy.NoEncryption 时,需要使用 Null 密码。
适用于
SslStream(Stream, Boolean)
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen);new System.Net.Security.SslStream : System.IO.Stream * bool -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean)参数
例外
示例
下面的代码示例演示如何调用此构造函数。
static void ProcessClient (TcpClient client)
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream sslStream = new SslStream(
client.GetStream(), false);
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel(sslStream);
DisplaySecurityServices(sslStream);
DisplayCertificateInformation(sslStream);
DisplayStreamProperties(sslStream);
// Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
// Read a message from the client.
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
// Write a message to the client.
byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
}
finally
{
// The client stream will be closed with the sslStream
// because we specified this behavior when creating
// the sslStream.
sslStream.Close();
client.Close();
}
}
Private Shared Sub ProcessClient(client As TcpClient)
' A client has connected. Create the
' SslStream using the client's network stream.
Dim sslStream = New SslStream(client.GetStream(), False)
Try
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)
' Display the properties And settings for the authenticated stream.
DisplaySecurityLevel(sslStream)
DisplaySecurityServices(sslStream)
DisplayCertificateInformation(sslStream)
DisplayStreamProperties(sslStream)
' Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000
sslStream.WriteTimeout = 5000
' Read a message from the client.
Console.WriteLine("Waiting for client message...")
Dim messageData As String = ReadMessage(sslStream)
Console.WriteLine("Received: {0}", messageData)
' Write a message to the client.
Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
Console.WriteLine("Sending hello message.")
sslStream.Write(message)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
sslStream.Close()
client.Close()
Return
Finally
' The client stream will be closed with the sslStream
' because we specified this behavior when creating
' the sslStream.
sslStream.Close()
client.Close()
End Try
End Sub
注解
指定trueleaveStreamOpen参数时,关闭该SslStream流不会影响innerStream流;如果不再需要该参数,则必须显式关闭innerStream。
如果未在配置文件中为加密策略指定值,则
当加密策略设置为 EncryptionPolicy.NoEncryption 时,需要使用 Null 密码。
适用于
SslStream(Stream, Boolean, RemoteCertificateValidationCallback)
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback)参数
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback负责验证远程方提供的证书的委托。
例外
示例
下面的代码示例创建 SslStream 并启动身份验证的客户端部分。
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
null
);
// The server name must match the name on the server certificate.
try
{
sslStream.AuthenticateAsClient(serverName);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
client.Close();
return;
}
' Create a TCP/IP client socket.
' machineName is the host running the server application.
Dim client = New TcpClient(machineName, 5000)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream = New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)
' The server name must match the name on the server certificate.
Try
sslStream.AuthenticateAsClient(serverName)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
client.Close()
Return
End Try
注解
指定trueleaveStreamOpen参数时,关闭该SslStream流不会影响innerStream流;如果不再需要该参数,则必须显式关闭innerStream。
userCertificateValidationCallback委托的 certificateErrors 参数包含通道安全支持提供程序接口(SSPI)返回的任何Windows错误代码。 委托调用 userCertificateValidationCallback 的方法的返回值确定身份验证是否成功。
调用委托的方法时 userCertificateValidationCallback ,已选择安全协议和加密算法。 可以使用该方法来确定所选的加密算法和强度是否足以满足应用程序的要求。 否则,该方法应返回 false 以防止 SslStream 创建。
如果未在配置文件中为加密策略指定值,则
当加密策略设置为 EncryptionPolicy.NoEncryption 时,需要使用 Null 密码。
注释
.NET在创建 SSL 会话时缓存 SSL 会话,并尝试尽可能为后续请求重复使用缓存会话。 尝试重复使用 SSL 会话时,框架使用身份验证期间提供的第一个元素 X509Certificate2Collection (如果有),或者尝试在证书集合为空时重复使用匿名会话。
注释
SSL 版本 2 协议不支持客户端证书。
适用于
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback)参数
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback负责验证远程方提供的证书的委托。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
负责 LocalCertificateSelectionCallback 选择用于身份验证的证书的委托。
例外
示例
下面的代码示例演示如何调用此构造函数。 此示例是SslStream类所提供的一个大型示例的一部分。
// Server name must match the host name and the name on the host's certificate.
serverName = args[0];
// Create a TCP/IP client socket.
TcpClient client = new TcpClient(serverName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
new LocalCertificateSelectionCallback(SelectLocalCertificate)
);
' Server name must match the host name and the name on the host's certificate.
serverName = args(0)
' Create a TCP/IP client socket.
Dim client As New TcpClient(serverName, 5000)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream As New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate),
New LocalCertificateSelectionCallback(AddressOf SelectLocalCertificate))
注解
指定trueleaveStreamOpen参数时,关闭该SslStream流不会影响innerStream流;如果不再需要该参数,则必须显式关闭innerStream。
userCertificateValidationCallback委托的 certificateErrors 参数包含通道安全支持提供程序接口(SSPI)返回的任何Windows错误代码。 委托调用 userCertificateValidationCallback 的方法的返回值确定身份验证是否成功。
调用委托的方法时 userCertificateValidationCallback ,已选择安全协议和加密算法。 可以使用该方法来确定所选的加密算法和强度是否足以满足应用程序的要求。 否则,该方法应返回 false 以防止 SslStream 创建。
当应用程序有多个证书并且必须动态选择证书时,委托 userCertificateSelectionCallback 非常有用。 “MY”存储中的证书将传递给委托调用的方法。
如果未在配置文件中为加密策略指定值,则
当加密策略设置为 EncryptionPolicy.NoEncryption 时,需要使用 Null 密码。
注释
.NET在创建 SSL 会话时缓存 SSL 会话,并尝试尽可能为后续请求重复使用缓存会话。 尝试重复使用 SSL 会话时,框架使用身份验证期间提供的第一个元素 X509Certificate2Collection (如果有),或者尝试在证书集合为空时重复使用匿名会话。
适用于
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)
- Source:
- SslStream.cs
- Source:
- SslStream.cs
- Source:
- SslStream.IO.cs
- Source:
- SslStream.cs
- Source:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback, System::Net::Security::EncryptionPolicy encryptionPolicy);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);public SslStream(System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback * System.Net.Security.EncryptionPolicy -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback, encryptionPolicy As EncryptionPolicy)参数
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback负责验证远程方提供的证书的委托。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
负责 LocalCertificateSelectionCallback 选择用于身份验证的证书的委托。
- encryptionPolicy
- EncryptionPolicy
要使用的 EncryptionPolicy 。
例外
注解
当参数设置为
