底层连接已关闭.无法使用HTTP.sys运行Asp.Net核心2.1 web api应用程序？

Question

我创建了一个新的Asp.net核心2.1 Web应用程序,然后选择"API"模板.(我将身份验证更改为"Windows".然后我添加了以下代码Http.Sys用于Windows身份验证.(https://docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore -2.1&tabs = aspnetcore2x)

using Microsoft.AspNetCore.Server.HttpSys; // Added

    public static void Main(string[] args)
    {
        CreateWebHostBuilder(args).Build().Run();
    }

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>()
            // Added
            .UseHttpSys(o => 
            {
                o.Authentication.Schemes = AuthenticationSchemes.NTLM | 
                                           AuthenticationSchemes.Negotiate;
                o.Authentication.AllowAnonymous = false;
            });

以下消息显示运行应用程序时的输出消息.

info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[0]
      User profile is available. Using 'C:\Users\...\AppData\Local\ASP.NET\Da
taProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Start
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Listening on prefix: https://localhost:5001/
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Listening on prefix: http://localhost:5000/
Hosting environment: Development
Content root path: C:\work\WebApplication1
Now listening on: https://localhost:5001
Now listening on: http://localhost:5000
Application started. Press Ctrl+C to shut down.

但是,访问时浏览器显示"无法访问此站点(连接已重置)"错误https://localhost:5001/api/values？

用powershell测试

PS C:\work> Invoke-WebRequest https://localhost:5001/api/values
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
At line:1 char:1
+ Invoke-WebRequest https://localhost:5001/api/values
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

PS C:\work> Invoke-WebRequest http://localhost:5000/api/values
Invoke-WebRequest : The remote server returned an error: (401) Unauthorized.
At line:1 char:1
+ Invoke-WebRequest http://localhost:5000/api/values
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

---

Fiddler返回以下消息.

fiddler.network.https>对本地主机(#3)的HTTPS握手失败.System.IO.IOException无法从传输连接读取数据:远程主机强制关闭现有连接.<远程主机强行关闭现有连接

Internet Explorer返回以下消息.

在高级设置中打开TLS 1.0,TLS 1.1和TLS 1.2,然后再次尝试连接到https:// localhost:5001 .如果此错误仍然存​​在,则此站点可能使用不受支持的协议或密码套件(如RC4(详细信息链接)),这不被认为是安全的.请与您的站点管理员联系.

Answer 1

我有以下代码，它对我有用。在我的配置服务中

 services.AddAuthentication(Microsoft.AspNetCore.Server.HttpSys.HttpSysDefaults.AuthenticationScheme);

并在program.cs中

.UseStartup<Startup>()
            .UseKestrel()
            .UseHttpSys(options =>
            {
                options.Authentication.Schemes = AuthenticationSchemes.NTLM;
                options.Authentication.AllowAnonymous = false;
                options.MaxConnections = 1000;
            })
            .UseIISIntegration()