问题

通过API禁用客户端身份验证

  • 2019年4月22日
  • 3回复
  • 1616的浏览量
E
  • elihuj
  • “航行者”号
  • 2回答
我有一个问题通过REST API禁用客户端身份验证。下面是我的代码:

代码: 
$ disableauth = @ {
值= '假'

$disableauth = $disableauth | CovertTo-Json
尝试{
$r = Invoke-RestMethod -Method Post -Uri https://clusterip:9440/PrismGateway/services/rest/v2.0/authconfig/client_auth -Headers $head -ContentType $content -Body $disableauth
} catch {$_.Exception.Message;}


当我运行这个命令时,它给我一个错误的“请求中止:不能创建SSL/TLS安全通道”。我使用了一个类似的调用来启用身份验证,它没有问题。
\r\n
\r\n
code:<\/b>
$disableauth = @{
\tvalue='false'
}
$disableauth = $disableauth | CovertTo-Json
try {
\t$r = Invoke-RestMethod -Method Post -Uri https:\/\/clusterip:9440\/PrismGateway\/services\/rest\/v2.0\/authconfig\/client_auth -Headers $head -ContentType $content -Body $disableauth
\t} catch { $_.Exception.Message; }
<\/pre><\/div>
\r\n
\r\nWhen I run this command, it gives me an error of \"request aborted: could not create SSL\/TLS secure channel\". I have a similar call I use to enable authentication, which works without issue.","quoteUsername":"elihuj","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

3回复

N
Userlevel 1
徽章 +2
如果使用集群的DNS名称和/或FQDN而不是IP地址,会出现相同的错误吗?
E
不幸的是,对于FQDN、主机名和IP,我得到了相同的结果。我的代码中也有这个,这有助于克服过去类似的错误:

代码: 
添加类型@”
使用System.Net;
使用System.Security.Cryptography.X509Certificates;
公共类trustallcertpolicy: iccertificatepolicy {
公共bool CheckValidationResult (
ServicePoint srvPoint, X509Certificate证书,
WebRequest请求,int certificateProblem) {
返回true;


“@
美元AllProtocols = [System.Net.SecurityProtocolType] ' Ssl3, Tls, Tls11 Tls12”
[System.Net。ServicePointManager]:: SecurityProtocol = AllProtocols美元
[System.Net。ServicePointManager]::CertificatePolicy = New-Object trustallcertsppolicy
\r\n
\r\n
code:<\/b>
add-type @\"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
    public bool CheckValidationResult(
        ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem) {
        return true;
    }
}
\"@
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
<\/pre><\/div>","quoteUsername":"elihuj","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">
E
我注意到的一个常量是,当启用客户端身份验证时,我只会得到SSL/TLS错误。

回复


Baidu