SslStream 建構函式
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
初始化 SslStream 類別的新執行個體。
多載
備註
若要防止 SslStream 關閉您提供的數據流,請使用 建構函式 SslStream 。
SslStream(Stream)
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream);
public SslStream (System.IO.Stream innerStream);
new System.Net.Security.SslStream : System.IO.Stream -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream)
參數
例外狀況
備註
如果未在組態檔中指定 encryptionpolicy 的值,則EncryptionPolicy建構之 實體的 SslStream 預設值EncryptionPolicy.RequireEncryption為 。
當加密原則設定為 EncryptionPolicy.NoEncryption時,需要使用 Null 加密。
適用於
SslStream(Stream, Boolean)
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen);
new System.Net.Security.SslStream : System.IO.Stream * bool -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean)
參數
例外狀況
範例
下列程式代碼範例示範如何呼叫這個建構函式。
static void ProcessClient( TcpClient^ client )
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream^ sslStream = gcnew SslStream( client->GetStream(),false );
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream->AuthenticateAsServer( serverCertificate, false, true );
// false == no client cert required; true == check cert revocation.
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel( sslStream );
DisplaySecurityServices( sslStream );
DisplayCertificateInformation( sslStream );
DisplayStreamProperties( sslStream );
// Set timeouts for the read and write to 5 seconds.
sslStream->ReadTimeout = 5000;
sslStream->WriteTimeout = 5000;
// Read a message from the client.
Console::WriteLine( L"Waiting for client message..." );
String^ messageData = ReadMessage( sslStream );
Console::WriteLine( L"Received: {0}", messageData );
// Write a message to the client.
array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the server.<EOF>" );
Console::WriteLine( L"Sending hello message." );
sslStream->Write( message );
}
catch ( AuthenticationException^ e )
{
Console::WriteLine( L"Exception: {0}", e->Message );
if ( e->InnerException != nullptr )
{
Console::WriteLine( L"Inner exception: {0}", e->InnerException->Message );
}
Console::WriteLine( L"Authentication failed - closing the connection." );
sslStream->Close();
client->Close();
return;
}
finally
{
// The client stream will be closed with the sslStream
// because we specified this behavior when creating
// the sslStream.
sslStream->Close();
client->Close();
}
}
static void ProcessClient (TcpClient client)
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream sslStream = new SslStream(
client.GetStream(), false);
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel(sslStream);
DisplaySecurityServices(sslStream);
DisplayCertificateInformation(sslStream);
DisplayStreamProperties(sslStream);
// Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
// Read a message from the client.
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
// Write a message to the client.
byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
}
finally
{
// The client stream will be closed with the sslStream
// because we specified this behavior when creating
// the sslStream.
sslStream.Close();
client.Close();
}
}
Private Shared Sub ProcessClient(client As TcpClient)
' A client has connected. Create the
' SslStream using the client's network stream.
Dim sslStream = New SslStream(client.GetStream(), False)
Try
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)
' Display the properties And settings for the authenticated stream.
DisplaySecurityLevel(sslStream)
DisplaySecurityServices(sslStream)
DisplayCertificateInformation(sslStream)
DisplayStreamProperties(sslStream)
' Set timeouts for the read and write to 5 seconds.
sslStream.ReadTimeout = 5000
sslStream.WriteTimeout = 5000
' Read a message from the client.
Console.WriteLine("Waiting for client message...")
Dim messageData As String = ReadMessage(sslStream)
Console.WriteLine("Received: {0}", messageData)
' Write a message to the client.
Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
Console.WriteLine("Sending hello message.")
sslStream.Write(message)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
sslStream.Close()
client.Close()
Return
Finally
' The client stream will be closed with the sslStream
' because we specified this behavior when creating
' the sslStream.
sslStream.Close()
client.Close()
End Try
End Sub
備註
當您為 參數指定 true
時,關閉 SslStream 不會影響innerStream
數據流;當您不再需要它時,必須明確關閉 innerStream
。leaveStreamOpen
如果未在組態檔中指定 encryptionpolicy 的值,則EncryptionPolicy建構之 實體的 SslStream 預設值EncryptionPolicy.RequireEncryption為 。
當加密原則設定為 EncryptionPolicy.NoEncryption時,需要使用 Null 加密。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback)
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback)
參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
例外狀況
範例
下列程式代碼範例會 SslStream 建立 ,並起始驗證的用戶端部分。
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient^ client = gcnew TcpClient(machineName, 5000);
Console::WriteLine("Client connected.");
// Create an SSL stream that will close
// the client's stream.
SslStream^ sslStream = gcnew SslStream(
client->GetStream(), false,
gcnew RemoteCertificateValidationCallback(ValidateServerCertificate),
nullptr);
// The server name must match the name
// on the server certificate.
try
{
sslStream->AuthenticateAsClient(serverName);
}
catch (AuthenticationException^ ex)
{
Console::WriteLine("Exception: {0}", ex->Message);
if (ex->InnerException != nullptr)
{
Console::WriteLine("Inner exception: {0}",
ex->InnerException->Message);
}
Console::WriteLine("Authentication failed - "
"closing the connection.");
sslStream->Close();
client->Close();
return;
}
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
null
);
// The server name must match the name on the server certificate.
try
{
sslStream.AuthenticateAsClient(serverName);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine ("Authentication failed - closing the connection.");
client.Close();
return;
}
' Create a TCP/IP client socket.
' machineName is the host running the server application.
Dim client = New TcpClient(machineName, 5000)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream = New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)
' The server name must match the name on the server certificate.
Try
sslStream.AuthenticateAsClient(serverName)
Catch e As AuthenticationException
Console.WriteLine("Exception: {0}", e.Message)
If e.InnerException IsNot Nothing Then
Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
End If
Console.WriteLine("Authentication failed - closing the connection.")
client.Close()
Return
End Try
備註
當您為 參數指定 true
時,關閉 SslStream 不會影響innerStream
數據流;當您不再需要它時,必須明確關閉 innerStream
。leaveStreamOpen
委派 userCertificateValidationCallback
的 certificateErrors
自變數包含通道安全性支援提供者介面 (SSPI) 傳回的任何 Windows 錯誤碼。 委派叫 userCertificateValidationCallback
用之方法的傳回值會判斷驗證是否成功。
叫用委派的 方法時 userCertificateValidationCallback
,已選取安全性通訊協議和密碼編譯演算法。 您可以使用 方法來判斷所選的密碼編譯演算法和強度是否足以供您的應用程式使用。 如果沒有,方法應該會傳回 false
,以防止 SslStream 建立 。
如果未在組態檔中指定 encryptionpolicy 的值,則EncryptionPolicy建構之 實體的 SslStream 預設值EncryptionPolicy.RequireEncryption為 。
當加密原則設定為 EncryptionPolicy.NoEncryption時,需要使用 Null 加密。
注意
.NET 會在建立 SSL 會話時快取,並盡可能嘗試重複使用後續要求的快取會話。 嘗試重複使用 SSL 會話時,架構會在驗證期間使用 所提供的第一個專案 X509Certificate2Collection (,如果有一個) ,則嘗試在憑證集合是空的時重複使用匿名會話。
注意
SSL 第 2 版通訊協定不支援客戶端憑證。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback)
參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
LocalCertificateSelectionCallback 委派,負責選取用於驗證的憑證。
例外狀況
範例
下列程式代碼範例示範如何呼叫這個建構函式。 這個範例是提供給 類別之較大範例的 SslStream 一部分。
// Server name must match the host name and the name on the host's certificate.
serverName = args[ 1 ];
// Create a TCP/IP client socket.
TcpClient^ client = gcnew TcpClient( serverName,5000 );
Console::WriteLine( L"Client connected." );
// Create an SSL stream that will close the client's stream.
SslStream^ sslStream = gcnew SslStream(
client->GetStream(),
false,
gcnew RemoteCertificateValidationCallback( ValidateServerCertificate ),
gcnew LocalCertificateSelectionCallback( SelectLocalCertificate ) );
// Server name must match the host name and the name on the host's certificate.
serverName = args[0];
// Create a TCP/IP client socket.
TcpClient client = new TcpClient(serverName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback (ValidateServerCertificate),
new LocalCertificateSelectionCallback(SelectLocalCertificate)
);
' Server name must match the host name and the name on the host's certificate.
serverName = args(0)
' Create a TCP/IP client socket.
Dim client As New TcpClient(serverName, 5000)
Console.WriteLine("Client connected.")
' Create an SSL stream that will close the client's stream.
Dim sslStream As New SslStream(
client.GetStream(), False,
New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate),
New LocalCertificateSelectionCallback(AddressOf SelectLocalCertificate))
備註
當您為 參數指定 true
時,關閉 SslStream 不會影響innerStream
數據流;當您不再需要它時,必須明確關閉 innerStream
。leaveStreamOpen
委派 userCertificateValidationCallback
的 certificateErrors
自變數包含通道安全性支援提供者介面 (SSPI) 傳回的任何 Windows 錯誤碼。 委派叫 userCertificateValidationCallback
用之方法的傳回值會判斷驗證是否成功。
叫用委派的 方法時 userCertificateValidationCallback
,已選取安全性通訊協議和密碼編譯演算法。 您可以使用 方法來判斷所選的密碼編譯演算法和強度是否足以供您的應用程式使用。 如果沒有,方法應該會傳回 false
,以防止 SslStream 建立 。
當您的應用程式有多個憑證,而且必須動態選擇憑證時,委派 userCertificateSelectionCallback
會很有用。 “MY” 存放區中的憑證會傳遞至委派叫用的方法。
如果未在組態檔中指定 encryptionpolicy 的值,則EncryptionPolicy建構之 實體的 SslStream 預設值EncryptionPolicy.RequireEncryption為 。
當加密原則設定為 EncryptionPolicy.NoEncryption時,需要使用 Null 加密。
注意
.NET 會在建立 SSL 會話時快取,並盡可能嘗試重複使用後續要求的快取會話。 嘗試重複使用 SSL 會話時,架構會在驗證期間使用 所提供的第一個專案 X509Certificate2Collection (,如果有一個) ,則嘗試在憑證集合是空的時重複使用匿名會話。
適用於
SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)
- 來源:
- SslStream.cs
- 來源:
- SslStream.cs
public:
SslStream(System::IO::Stream ^ innerStream, bool leaveInnerStreamOpen, System::Net::Security::RemoteCertificateValidationCallback ^ userCertificateValidationCallback, System::Net::Security::LocalCertificateSelectionCallback ^ userCertificateSelectionCallback, System::Net::Security::EncryptionPolicy encryptionPolicy);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback? userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback? userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);
public SslStream (System.IO.Stream innerStream, bool leaveInnerStreamOpen, System.Net.Security.RemoteCertificateValidationCallback userCertificateValidationCallback, System.Net.Security.LocalCertificateSelectionCallback userCertificateSelectionCallback, System.Net.Security.EncryptionPolicy encryptionPolicy);
new System.Net.Security.SslStream : System.IO.Stream * bool * System.Net.Security.RemoteCertificateValidationCallback * System.Net.Security.LocalCertificateSelectionCallback * System.Net.Security.EncryptionPolicy -> System.Net.Security.SslStream
Public Sub New (innerStream As Stream, leaveInnerStreamOpen As Boolean, userCertificateValidationCallback As RemoteCertificateValidationCallback, userCertificateSelectionCallback As LocalCertificateSelectionCallback, encryptionPolicy As EncryptionPolicy)
參數
- userCertificateValidationCallback
- RemoteCertificateValidationCallback
RemoteCertificateValidationCallback 委派,負責驗證遠端群體所提供的憑證。
- userCertificateSelectionCallback
- LocalCertificateSelectionCallback
LocalCertificateSelectionCallback 委派,負責選取用於驗證的憑證。
- encryptionPolicy
- EncryptionPolicy
要使用的 EncryptionPolicy。
例外狀況
備註
當 參數設定為 EncryptionPolicy.NoEncryption時encryptionPolicy
,需要使用 Null 加密。