我正在尝试做一个相当基本的 SSL 连接,但我对为什么它不起作用感到困惑。它可以通过 HTTP 正常连接,但不能通过 HTTPS 连接。 这只发生在一组网站上。例如,它在 google.com 上运行良好,但此特定服务器正在运行 LetsEncrypt 证书。会不会是因为这个?
ssltest.cs的代码:
using System;
using System.Net;
using System.Net.Sockets;
namespace SSLTest
{
public class Program
{
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;
WebClient wc = new WebClient();
string result = wc.DownloadString("https://healthstone.ca/");
Console.WriteLine(result);
}
}
}
编译:
%SYSTEMROOT%\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:ssltest.exe ssltest.cs
运行:
Unhandled Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request)
at System.Net.WebClient.DownloadString(Uri address)
at SSLTest.Program.Main(String[] args)
如果我将站点更改为http,则效果很好。该网站在浏览器中也可以正常加载。我根据之前在类似问题上发现的问题添加了 2 条 ServicePointManager 行,但没有骰子。知道出了什么问题吗?
最佳答案
https://www.ssllabs.com/ssltest/
Protocols Supported
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 No
SSL 3 No
SSL 2 No
因此该网站允许 TLS 版本 1.1 或 1.2,但不支持 TLS 1.0。
您需要:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11
| SecurityProtocolType.Tls12;
这需要 .Net 4.5+。
关于c# - 使用 C# 和 .NET 4.5 连接到 SSL 服务器时出错,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36625364/