SslStream 建構函式
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
初始化 SslStream 類別的新執行個體。
多載
備註
若要防止 SslStream 關閉您提供的資料流程,請使用 建構函式 SslStream 。
SslStream(Stream)
public:
SslStream(System::IO::Stream ^ innerStream);public SslStream (System.IO.Stream innerStream);new System.Net.Security.SslStream : System.IO.Stream -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream)參數
例外狀況
備註
如果未在組態檔中指定加密原則的值,則會 EncryptionPolicy 針對所建構的 SslStream 實例預設 EncryptionPolicy.RequireEncryption 為 。
當加密原則設定 EncryptionPolicy.NoEncryption 為 時,需要使用 Null 加密。
適用於
SslStream(Stream, Boolean)
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen);new System.Net.Security.SslStream : System.IO.Stream * bool -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean)參數
例外狀況
範例
下列程式碼範例示範如何呼叫這個建構函式。
static void ProcessClient( TcpClient^ client )
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream^ sslStream = gcnew SslStream( client->GetStream(),false );
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream->AuthenticateAsServer( serverCertificate, false, true );
// false == no client cert required; true == check cert revocation.
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel( sslStream );
DisplaySecurityServices( sslStream );
DisplayCertificateInformation( sslStream );
DisplayStreamProperties( sslStream );
// Set timeouts for the read and write to 5 seconds.
sslStream->ReadTimeout = 5000;
sslStream->WriteTimeout = 5000;
// Read a message from the client.
Console::WriteLine( L"Waiting for client message..." );
String^ messageData = ReadMessage( sslStream );
Console::WriteLine( L"Received: {0}", messageData );
// Write a message to the client.
array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the server.<EOF>" );
Console::WriteLine( L"Sending hello message." );
sslStream->Write( message );
}
catch ( AuthenticationException^ e )
{
Console::WriteLine( L"Exception: {0}", e->Message );
if ( e->InnerException != nullptr )
{
Console::WriteLine( L"Inner exception: {0}", e->InnerException->Message );
}
Console::WriteLine( L"Authentication failed - closing the connection." );
sslStream->Close();
client->Close();
return;
}
finally
{
// The client stream will be closed with the sslStream
// because we specified this behavior when creating
// the sslStream.
sslStream->Close();
client->Close();
}
}
static void ProcessClient (TcpClient client)
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream sslStream = new SslStream(
client.GetStream(), false);
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel(sslStream);
DisplaySecurityServices(sslStream);
DisplayCertificateInformation(sslStream);
DisplayStreamProperties(sslStream);
// Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
// Read a message from the client.
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
// Write a message to the client.
byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
}
finally
{
// The client stream will be closed with the sslStream
// because we specified this behavior when creating
// the sslStream.
sslStream.Close();
client.Close();
}
}
Private Shared Sub ProcessClient(client As TcpClient)
' A client has connected. Create the
' SslStream using the client's network stream.
Dim sslStream = New SslStream(client.GetStream(), False)
Try
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)
' Display the properties And settings for the authenticated stream.
DisplaySecurityLevel(sslStream)
DisplaySecurityServices(sslStream)
DisplayCertificateInformation(sslStream)
DisplayStreamProperties(sslStream)
' Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000
sslStream.WriteTimeout = 5000
' Read a message from the client.
Console.WriteLine("Waiting for client message...")
Dim messageData As String = ReadMessage(sslStream)
Console.WriteLine("Received: {0}", messageData)
' Write a message to the client.
Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
Console.WriteLine("Sending hello message.")
sslStream.Write(message)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
sslStream.Close()
client.Close()
Return
Finally
' The client stream will be closed with the sslStream
' because we specified this behavior when creating
' the sslStream.
sslStream.Close()
client.Close()
End Try
End Sub
備註
當您 true 指定 參數時 leaveStreamOpen ,關閉 SslStream 不會影響 innerStream 資料流程;當您不再需要它時,必須明確關閉 innerStream 。
如果未在組態檔中指定加密原則的值,則會 EncryptionPolicy 針對所建構的 SslStream 實例預設 EncryptionPolicy.RequireEncryption 為 。
當加密原則設定 EncryptionPolicy.NoEncryption 為 時,需要使用 Null 加密。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback)
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback)參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
例外狀況
範例
下列程式碼範例會建立 並 SslStream 起始驗證的用戶端部分。
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient^ client = gcnew TcpClient(machineName, 8080);
Console::WriteLine("Client connected.");
// Create an SSL stream that will close
// the client's stream.
SslStream^ sslStream = gcnew SslStream(
client->GetStream(), false,
gcnew RemoteCertificateValidationCallback(ValidateServerCertificate),
nullptr);
// The server name must match the name
// on the server certificate.
try
{
sslStream->AuthenticateAsClient(serverName);
}
catch (AuthenticationException^ ex)
{
Console::WriteLine("Exception: {0}", ex->Message);
if (ex->InnerException != nullptr)
{
Console::WriteLine("Inner exception: {0}",
ex->InnerException->Message);
}
Console::WriteLine("Authentication failed - "
"closing the connection.");
sslStream->Close();
client->Close();
return;
}
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName,443);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
null
);
// The server name must match the name on the server certificate.
try
{
sslStream.AuthenticateAsClient(serverName);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
client.Close();
return;
}
' Create a TCP/IP client socket.
' machineName is the host running the server application.
Dim client = New TcpClient(machineName, 443)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream = New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)
' The server name must match the name on the server certificate.
Try
sslStream.AuthenticateAsClient(serverName)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
client.Close()
Return
End Try
備註
當您 true 指定 參數時 leaveStreamOpen ,關閉 SslStream 不會影響 innerStream 資料流程;當您不再需要它時,必須明確關閉 innerStream 。
委派 userCertificateValidationCallback 的 certificateErrors 引數包含通道安全性支援提供者介面 (SSPI) 傳回的任何Windows錯誤碼。 委派所 userCertificateValidationCallback 叫用之方法的傳回值會決定驗證是否成功。
叫用委派的 方法時 userCertificateValidationCallback ,已選取安全性通訊協定和密碼編譯演算法。 您可以使用 方法來判斷所選的密碼編譯演算法和強度是否足以供您的應用程式使用。 如果沒有,方法應該會傳回 false 以防止 SslStream 建立 。
如果未在組態檔中指定加密原則的值,則會 EncryptionPolicy 針對所建構的 SslStream 實例預設 EncryptionPolicy.RequireEncryption 為 。
當加密原則設定 EncryptionPolicy.NoEncryption 為 時,需要使用 Null 加密。
注意
架構會在建立 SSL 會話時快取 SSL 會話,並盡可能嘗試重複使用新要求的快取會話。 嘗試重複使用 SSL 會話時,Framework 會在有一個) 時使用 (的第 ClientCertificates 一個專案,或嘗試在空白的情況下 ClientCertificates 重複使用匿名會話。
注意
SSL 第 2 版通訊協定不支援用戶端憑證。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback)參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
LocalCertificateSelectionCallback 委派,負責選取用於驗證的憑證。
例外狀況
範例
下列程式碼範例示範如何呼叫這個建構函式。 此範例是針對 類別提供的較大範例的 SslStream 一部分。
// Server name must match the host name and the name on the host's certificate.
serverName = args[ 1 ];
// Create a TCP/IP client socket.
TcpClient^ client = gcnew TcpClient( serverName,80 );
Console::WriteLine( L"Client connected." );
// Create an SSL stream that will close the client's stream.
SslStream^ sslStream = gcnew SslStream(
client->GetStream(),
false,
gcnew RemoteCertificateValidationCallback( ValidateServerCertificate ),
gcnew LocalCertificateSelectionCallback( SelectLocalCertificate ) );
// Server name must match the host name and the name on the host's certificate.
serverName = args[0];
// Create a TCP/IP client socket.
TcpClient client = new TcpClient(serverName,80);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
new LocalCertificateSelectionCallback(SelectLocalCertificate)
);
' Server name must match the host name and the name on the host's certificate.
serverName = args(0)
' Create a TCP/IP client socket.
Dim client As New TcpClient(serverName, 80)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream As New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate),
New LocalCertificateSelectionCallback(AddressOf SelectLocalCertificate))
備註
當您 true 指定 參數時 leaveStreamOpen ,關閉 SslStream 不會影響 innerStream 資料流程;當您不再需要它時,必須明確關閉 innerStream 。
委派 userCertificateValidationCallback 的 certificateErrors 引數包含通道安全性支援提供者介面 (SSPI) 傳回的任何Windows錯誤碼。 委派所 userCertificateValidationCallback 叫用之方法的傳回值會決定驗證是否成功。
叫用委派的 方法時 userCertificateValidationCallback ,已選取安全性通訊協定和密碼編譯演算法。 您可以使用 方法來判斷所選的密碼編譯演算法和強度是否足以供您的應用程式使用。 如果沒有,方法應該會傳回 false 以防止 SslStream 建立 。
當您的應用程式有多個憑證,且必須動態選擇憑證時,委派 userCertificateSelectionCallback 會很有用。 「MY」 存放區中的憑證會傳遞至委派所叫用的方法。
如果未在組態檔中指定加密原則的值,則會 EncryptionPolicy 針對所建構的 SslStream 實例預設 EncryptionPolicy.RequireEncryption 為 。
當加密原則設定 EncryptionPolicy.NoEncryption 為 時,需要使用 Null 加密。
注意
架構會在建立 SSL 會話時快取 SSL 會話,並盡可能嘗試重複使用新要求的快取會話。 嘗試重複使用 SSL 會話時,架構會使用 P:System.Net.HttpWebRequest.ClientCertificate (s 的第一個元素,如果有一個) ,或嘗試重複使用匿名會話,如果 P:System.Net.HttpWebRequest.ClientCertificates 是空的。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback, System::Net::Security::EncryptionPolicy encryptionPolicy);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);[System.MonoLimitation("encryptionPolicy is ignored")]
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback * System.Net.Security.EncryptionPolicy -> System.Net.Security.SslStream[<System.MonoLimitation("encryptionPolicy is ignored")>]
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback * System.Net.Security.EncryptionPolicy -> System.Net.Security.SslStreamPublic Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback, encryptionPolicy As EncryptionPolicy)參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
LocalCertificateSelectionCallback 委派,負責選取用於驗證的憑證。
- encryptionPolicy
- EncryptionPolicy
要使用的 EncryptionPolicy。
- 屬性
-
MonoLimitationAttribute
例外狀況
備註
當 參數設定為 EncryptionPolicy.NoEncryption 時 encryptionPolicy ,需要使用 Null 加密。