ASP. WebAPI HTTPS

Reference Document  http://southworks.com/blog/2014/06/16/enabling-ssl-client-certificates-in-asp-net-web-api/  First step Create a trusted Root certification authority  MAKECERT.EXE-N "Cn=development CA"-R-SV developmentca.pvk developmentca.cer  and import the certificate into certificate management, It is important to note that the certificate-local computer is required, not the current user    second step to create the PFX format of the certificate using the root certificate you just created, the first command to create the certificate, the second command to convert to the PFX format and the private key, "123456" as the private key password  makecert.exe-pe-n "Cn=localhost"-a Sha1-sky exchange-eku 1.3.6.1.5.5.7.3.1 -ic developmentca.cer-iv devel OPMENTCA.PVK-SV sslcert.pvk sslcert.cer pvk2pfx-pvk sslcert.pvk-spc sslcert.cer-pfx sslcert.pfx-po 123456    Import the certificate to the local computer personal certificate   The third step generates the client certificate, and the client certificate is automatically added to the "Certificates-Current User" Personal certificate after executing the command  makecert.exe-pe-ss MY-SR currentuser-a Sha1-sky exchange-n "Cn=clientcertificatestest"-eku 1.3.6.1.5.5.7.3.2-sk signedbyca-ic developmentca.cer-iv Developm entca.pvk     after the fourth step certificate generation is complete, configure IIS, add bindings to the Web site, select the HTTPS type, SSL certificate select the    fifth step we just created to change the SSL settings, I am here to set up must require SSL, can choose according to their actual situation     sixth step   Add HTTPS filter in the program, add the connection of this featureThe port will first determine if the request is from Https publicclassrequirehttpsattribute:authorizationfilterattribute
{
Publicoverridevoid onauthorization (Httpactioncontext actioncontext)
{
if (actionContext.Request.RequestUri.Scheme! = Uri.urischemehttps)
{
Actioncontext.response = Newhttpresponsemessage (System.Net.HttpStatusCode.Forbidden)
{
Reasonphrase = "HTTPS Required"
};
}
Else
{
Base. Onauthorization (Actioncontext);
}
}    }Finally, we test if SSL is in effect .Publicstaticvoid Test ()
{
var secure = newsecurestring ();
foreach (char s in "password")//password is the exported certificate security password
{
Secure. Appendchar (s);
}
var handler = Newwebrequesthandler ();
Handler. Clientcertificateoptions = clientcertificateoption.manual;
Handler. UseProxy = false;

string path = @ "C:\test.pfx";
var certificate = newx509certificate2 (path, secure);
Handler. Clientcertificates.add (certificate);

ServicePointManager
. Servercertificatevalidationcallback + =
(sender, cert, chain, sslpolicyerrors) = true;

using (var client = newhttpclient (handler))
using (var content = newmultipartformdatacontent ())
{
var arg = 1;
var url = string. Format (@ "https://localhost:4438/api/test?arg={0}", Arg);
var result = client. Postasync (URL, content). Result.Content.ReadAsStringAsync ();
Console.WriteLine (String. Format ("[{0}]", result. Result));
}        }

ASP. WebAPI HTTPS