我有一个 WPF 应用程序,它使用 SSLStream 连接到服务器并发送/接收一些消息。我的代码主要基于此示例 (SslTcpClient):https://msdn.microsoft.com/en-us/library/system.net.security.sslstream(v=vs.110).aspx .
这在几个月内都运行良好。但是,在获得此 Windows 更新后(Windows 10 版本 1511 和 Windows Server 2016 技术预览版 4 的累积更新:2016 年 6 月 14 日 - https://support.microsoft.com/en-us/kb/3163018)。我的应用程序开始报告此异常:
System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The Local Security Authority cannot be contacted
--- End of inner exception stack trace ---
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at MyAPP.Core.Services.Network.Impl.SslTcpClient.ClientSideHandshake()
at MyAPP.Core.Services.Network.Impl.SslTcpClient.Connect()
at MyAPP.Core.Services.Impl.MessageService.SendMessage(String message)
我能做什么?
最佳答案
这意味着对方正在使用另一个版本的 TLS 而你使用的是旧版本。
在建立连接之前将安全属性设置为 TLS12。
这是一个广为人知的问题,因为许多提供商开始使用 TLS12(例如 paypal、amazon 等)。
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
关于c# - 对 SSPI 的调用失败,请参阅内部异常 - 无法联系本地安全机构,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37925505/