我有一个三星智能交流(热泵/迷你拆分),并希望做一些自动化。我的Android手机上有一个APP。 通过研究了很多,我发现,我能控制我的交流与OpenSSL.exe这样的:在C#中的OpenSSL.exe s_client相当于我#
openssl.exe s_client -connect 192.168.1.154:2878
连接已经建立再经过我可以再复制/粘贴:
"<Request Type="AuthToken"><User Token="16968012-2892-M993-N707-3738REMOVED" /></Request>"
"<Request Type="DeviceControl"><Control CommandID="cmd11111" DUID="7825ADREMOVED"><Attr ID="AC_FUN_POWER" Value="On" /></Control></Request>"
然后AC打开。
问题是我无法自动执行任务,因为我必须等待连接已建立,然后复制/粘贴请求。 Openssl.exe似乎没有采用我可以使用的任何参数。
我已经在Powershell中用Invoke-WebRequest/RestMethod尝试过,但是我得到了SSL/TLS错误。我也尝试在C#中,但结果相同。
public static bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
return true;
}
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
Uri uri = new Uri("https://192.168.1.154:2878");
WebRequest webRequest = WebRequest.Create(uri);
WebResponse webResponse = webRequest.GetResponse();
webResponse.GetResponseStream();
Console.Read();
}
给了我这个错误
The request was aborted: Could not create SSL/TLS secure channel.
因此,大家可以看到我甚至不能只是GET /用C#连接到AC没有得到SSL错误。
我无法弄清楚'Openssl.exe s_client'的工作原理。任何人都可以启发我吗?从OpenSSL的
UPDATE 输出:
C:\Program Files (x86)\GnuWin32\bin>openssl.exe s_client -connect 192.168.1.154:2878 Loading 'screen' into random state - done CONNECTED(0000017C) depth=0 /C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] i:/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] --- Server certificate -----BEGIN CERTIFICATE----- MIIDdDCCAt2gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCS1Ix DjAMBgNVBAcTBVN1d29uMRwwGgYDVQQKExNTYW1zdW5nIEVsZWN0cm9uaWNzMRsw GQYDVQQLExJEaWdpdGFsIEFwcGxpY2FuY2UxEDAOBgNVBAMTB2EyODc4NDgxJTAj BgkqhkiG9w0BCQEWFm1vd2Vvbi5sZWVAc2Ftc3VuZy5jb20wHhcNNzAwMTAxMDkw MDE2WhcNNzAwMjAxMDkwMDE2WjCBkTELMAkGA1UEBhMCS1IxDjAMBgNVBAcTBVN1 d29uMRwwGgYDVQQKExNTYW1zdW5nIEVsZWN0cm9uaWNzMRswGQYDVQQLExJEaWdp dGFsIEFwcGxpY2FuY2UxEDAOBgNVBAMTB2EyODc4NDgxJTAjBgkqhkiG9w0BCQEW Fm1vd2Vvbi5sZWVAc2Ftc3VuZy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBANWEclyhZblo3TwG39hFVZK+LHTICEbgWwHQdAx1RwLFvIgsTFlgHu8Hb0fC AN2Wknx5vb0ks355PycY/xlUY6Rmr3eSU34undtt7jE1K0OYeasUOvxpXyBtmSo6 72YtDSN6rh3F6SgOKrUVsQFDCJ2V5CQHxKyH5FFwAmcHUbjzAgMBAAGjgdkwgdYw CQYDVR0TBAIwADAkBglghkgBhvhCAQ0EFxYVIlNhbXN1bmcgZWxlY3Ryb25pY3Mi MB0GA1UdDgQWBBTdhKfUKlp5ocnU6K9BF4smWiDPbzBfBgNVHSMEWDBWoUmkRzBF MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkggkAvwoLvHnlSoIwCwYDVR0PBAQDAgUgMBYG A1UdEQQPMA2CC3NhbXN1bmcuY29tMA0GCSqGSIb3DQEBBQUAA4GBAHfi+2JxtpvO 6MFZReZkXg+GMOt2UEPqFKpeJGCRdCoKnEmvBMUsp8PaopZ6uy/Z3V4FIhP/wcUv fC1+feizmZkzO3ixThJH6zo3edEjZAA7KBj+ecfLYd/PTXkAfIJFM9RlCfAkbbbc gGSDyBpGJ4wJHhB91bjK8qamUw5LJJrY -----END CERTIFICATE----- subject=/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] issuer=/C=KR/L=Suwon/O=Samsung Electronics/OU=Digital Applicance/CN=a287848/[email protected] --- No client certificate CA names sent --- SSL handshake has read 1212 bytes and written 202 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: D4576CA26103343877505F0B1726833E7F3C76481EFDEF21B482C4D4FBA Session-ID-ctx: Master-Key: 7609462DC362B422115C370DA282106208842119047CF97F384F3E1B5079AF5CE72A5CF9FA35A41C2D67400672E70CAE Key-Arg : None Start Time: 1498081620 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- DRC-1.00 closed
我假设AC的证书不被您的计算机信任。 'Openssl s_client'不关心(因为它是一个诊断工具),但其他所有事情都做。您是否尝试在浏览器中打开“https://192.168.1.154:2878”并忽略证书警告? – Swonkie
你尝试过'SslStream'吗? –
发布'openssl s_client ...'生成的实际文本输出。这将包含大量关于连接的信息。你应该能够发布内容到'openssl s_client ...'的标准输入。请参阅https://stackoverflow.com/questions/6763086/why-is-input-redirect-not-implemented-in-powershell以开始。 –