我想实现自定义的基本身份验证与此类似并一件事混淆我是一个概念领域的。例如，有一个时刻，当我的模块插入一些魔法串入的回答：

I'm trying to implemented custom basic authentication similar to this and one thing that confuses me is a concept of realm. For example, there's a moment when my module inserts some magic string into the reply:

void ReplyWithAuthHeader()
{
    HttpContext currentContext = HttpContext.Current;
    context.Response.StatusCode = 401;
    context.Response.AddHeader( "WWW-Authenticate",
       String.Format("Basic realm=\"{0}\"", "myname.mycompany.com"));
}

该网站被分配有makecert实用程序创建的SSL certicicate并发出到myname.mycompany.com。来电者创建一个请求：

The site is assigned an SSL certicicate created with makecert utility and is "issued" to "myname.mycompany.com". The caller creates a request:

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create( serverUrl );
CredentialCache cache = new CredentialCache();
cache.Add( new Uri( serverUrl ), "Basic", new NetworkCredential( "UserName", "password" ) );
request.Credentials = cache;

其中，的serverUrl 开始的https：// 键，当请求正在由服务器处理的服务器发送在WWW身份验证的答复，然后抛出一个异常在客户端以无法将数据写入传输连接：一个已建立的连接被中止通过在主机中的软件。文本。

where serverUrl starts with https:// and when the request is being processed by the server the server sends the "WWW-Authenticate" reply, then an exception is thrown on the client side with "Unable to write data to the transport connection: An established connection was aborted by the software in your host machine." text.

所以很明显有一些错误的SSL协议的水平，我不能fugure它是什么。我想这可能是一些处理的境界。

So clearly there's something wrong at SSL negotiation level and I can't fugure what it is. I guess it could be something dealing with the realm.

我的问题是 - 什么是的领域的以及它是如何关系到党颁发的SSL证书时由通过SSL连接到的名称

My question is - what is a realm and how is it related to the name of the party to which an SSL certificate was issued when a connection is made over SSL?

推荐答案

要回答你的问题是什么境界？，从的 RFC 2617 ：

To answer your question "what is a realm?", some copypasta from RFC 2617:

该领域指令（不区分大小写）是必需的发出挑战，所有的身份验证方案。领域值（区分大小写），符合规范的根URL组合（绝对URI服务器的绝对路径是空的，见[2]第5.1.2节）的服务器被访问，定义了保护空间。这些领域允许在服务器上的受保护的资源被划分为一组的保护间隔，每个都有其自己的验证方案和/或授权数据库。该域值是一个字符串，一般分配的原始服务器，其中可能有特定的认证方案附加的语义。请注意，可能有相同的auth-计划，但不同领域的多重挑战。

The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge. The realm value (case-sensitive), in combination with the canonical root URL (the absoluteURI for the server whose abs_path is empty; see section 5.1.2 of [2]) of the server being accessed, defines the protection space. These realms allow the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database. The realm value is a string, generally assigned by the origin server, which may have additional semantics specific to the authentication scheme. Note that there may be multiple challenges with the same auth-scheme but different realms.

至于你的问题是如何与你的SSL证书：事实并非如此。我能想到的最简单的方法来找出什么错误，只是通过在浏览器访问URL。你应该得到这个问题的pretty的清晰描述（主机名不证书，不受信任的CA，匹配过期，等等）。

As to your question how it is related to your SSL certificate: it isn't. The easiest way I can think of to figure out what's going wrong, is simply by accessing the URL in your browser. You should get a pretty clear description of the problem (hostname doesn't match the certificate, untrusted CA, expired, etc.).