2024-07-12
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
Since the customer needs to upgrade the original HTTP backend service to a service that supports https, and because the original HTTP service is implemented based on the HTTP listening service embedded in the WINDOWS service, it does not support https, and does not directly load the HTTPS certificate like other WebAPI services deployed in IIS, so here it is necessary to modify the original service to support https and perform HTTPS port binding settings on the server environment, as follows:
(Note: The following operations require that you already have an HTTPS certificate.)
1. Install the certificate, double-click the pfx file and install it to:Local Computer”–>“personal”;
2. Double-click to opencrtCertificate, you can see the fingerprint information (certhash) in the detailed information;
3. Execute port binding (default port 443)
netsh http add sslcert ipport=0.0.0.0:8080 certhash=指纹 appid={程序GUID/newguid} clientcertnegotiation=enable
4. Server program implementation:
- using System;
- public class HttpService
- {
- public MyHttpServer()
- {
- System.Net.HttpListener httpListener = new System.Net.HttpListener();
- httpListener.AuthenticationSchemes = System.Net.AuthenticationSchemes.Anonymous;
- httpListener.Prefixes.Add("https://*:8000/"); // 支持https
- httpListener.Start();
- new System.Threading.Thread(new System.Threading.ThreadStart(delegate
- {
- while (true)
- {
- try
- {
- System.Net.HttpListenerContext httpListenerContext = httpListener.GetContext();
- new System.Threading.Thread(new System.Threading.ParameterizedThreadStart((input) =>
- {
- System.Net.HttpListenerContext ctx = (System.Net.HttpListenerContext)input;
- System.Net.HttpListenerRequest request = ctx.Request;
- string pram = request.QueryString["Data"];//Get入参
- string responseMessage = string.Empty;//返回值
- if (!string.IsNullOrEmpty(pram))
- {
- //Get入参
- pramOrg = pram;
- pram = System.Web.HttpUtility.UrlDecode(pram);
- }
- //POST入参
- if (request.HttpMethod == "POST")
- {
- //处理业务请求
- StreamReader reader = new StreamReader(request.InputStream, Encoding.UTF8);
- pram = reader.ReadToEnd();
- reader.Close();
- reader.Dispose();
- }
- #region 业务处理
- try
- {
- //业务处理
- responseMessage = "业务结果";
- }
- catch (Exception ex)
- {
- //异常处理
- responseMessage = ex.Message;
- }
- #endregion 业务处理
- #region 返回给调用者
- //输出类型
- httpListenerContext.Response.ContentType = "text/html; charset=UTF-8";
- //返回状态
- httpListenerContext.Response.StatusCode = 200;
- //设置授权,尝试解决Jquery跨域问题
- //httpListenerContext.Response.Headers["Access-Control-Allow-Origin"] = "*";
- //httpListenerContext.Response.Headers["Access-Control-Allow-Methods"] = "GET,POST";
- //httpListenerContext.Response.Headers["Access-Control-Max-Age"] = "1000";
- try
- {
- //输出界面内容
- if (!string.IsNullOrEmpty(responseMessage))
- {
- //返回文本内容
- using (StreamWriter writer = new StreamWriter(httpListenerContext.Response.OutputStream))
- {
- writer.Write(responseMessage);
- }
- }
- }
- catch
- {
- //刷新太快异常,不做处理
- }
- #endregion 返回给调用者
- })).Start(httpListenerContext);
- }
- catch
- { }
- }
- })).Start();
- }
- }
If an error occurs during the port binding process, or the addition fails, refer to the following steps:
1. Check whether the parameters of the netsh command are correct;
2. SSL certificate addition failed, error: 1312 The specified login session does not exist. It may have been terminated. Solution:
Press WIN+R on the keyboard and enter mmc.exe, as follows:
Click 'OK', and the following console root node interface will pop up.
Select File->Add/Remove Snap-in, or directly press ctrl+m to pop up the following window and perform the operation:
Then go to Personal to import the certificate
Finally, bind the SSL certificate to the port number
netsh http add sslcert ipport=0.0.0.0:8080 certhash=指纹 appid={程序GUID/newguid} clientcertnegotiation=enable
I have devoted myself to the research of technology for more than 30 years. I am proficient in various languages such as Java, Linux, JavaScript, PHP, CSS, etc. I have made many contributions in the field of open source. I have established a developer documentation site to share some problems in technology development for everyone to read.
