c# - 错误 "Could not create SSL/TLS secure channel."尽管手动设置 TLS

标签 c# ssl

这是我在 Windows 8 上运行的 C# 代码:

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;

HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse(); // FAIL!!!

异常(exception)是“无法创建 SSL/TLS 安全通道。”。

如果我在浏览器中尝试该 URL,它会起作用。查看证书(这是一个 HTTPS 请求),我可以看到证书使用以下内容:

    Your connection to madis-data.noaa.gov is encrypted using an obsolete cipher suite.

    The connection uses TLS 1.0.

    The connection is encrypted using AES_128_CBC, 
with HMAC-SHA1 for message authentication and DHE_RSA 
as the key exchange mechanism.

我已经在 web.config 中打开跟踪以查看到底发生了什么,这是输出:

System.Net Information: 0 : [13952] ConnectStream#38701186::ConnectStream(Buffered 5 bytes.)
System.Net Information: 0 : [13952] Associating HttpWebRequest#59795752 with ConnectStream#38701186
System.Net Information: 0 : [13952] Associating HttpWebRequest#59795752 with HttpWebResponse#1266475
System.Net Verbose: 0 : [13952] Exiting HttpWebRequest#59795752::GetResponse()  -> HttpWebResponse#1266475
System.Net Verbose: 0 : [13952] HttpWebResponse#1266475::GetResponseStream()
System.Net Information: 0 : [13952] ContentLength=5
System.Net Verbose: 0 : [13952] Exiting HttpWebResponse#1266475::GetResponseStream()    -> ConnectStream#38701186
System.Net Verbose: 0 : [13952] ConnectStream#38701186::Read()
System.Net Verbose: 0 : [13952] Data from ConnectStream#38701186::Read
System.Net Verbose: 0 : [13952] 00000000 : 44 6F 6E 65 2E                                  : Done.
System.Net Verbose: 0 : [13952] Exiting ConnectStream#38701186::Read()  -> Int32#5
System.Net Verbose: 0 : [13952] ConnectStream#38701186::Read()
System.Net Verbose: 0 : [13952] Exiting ConnectStream#38701186::Read()  -> Int32#0
System.Net Verbose: 0 : [2548] WebRequest::Create(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV)
System.Net Verbose: 0 : [2548] HttpWebRequest#27754753::HttpWebRequest(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV#-2142986532)
System.Net Verbose: 0 : [2548] Exiting HttpWebRequest#27754753::HttpWebRequest() 
System.Net Verbose: 0 : [2548] Exiting WebRequest::Create()     -> HttpWebRequest#27754753
System.Net Verbose: 0 : [2548] HttpWebRequest#27754753::GetResponse()
System.Net Verbose: 0 : [2548] ServicePoint#40143513::ServicePoint(madis-data.noaa.gov:443)
System.Net Information: 0 : [2548] Associating HttpWebRequest#27754753 with ServicePoint#40143513
System.Net Information: 0 : [2548] Associating Connection#34830681 with HttpWebRequest#27754753
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Socket(AddressFamily#2)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Socket() 
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Socket(AddressFamily#23)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#729977::Socket() 
System.Net.Sockets Verbose: 0 : [2548] DNS::TryInternalResolve(madis-data.noaa.gov)
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Connect(140.172.12.193:443#-1056133833)
System.Net.Sockets Information: 0 : [2548] Socket#36216217 - Created connection from 10.211.55.4:49219 to 140.172.12.193:443.
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Connect() 
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Close()
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Dispose()
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#729977::Close() 
System.Net Information: 0 : [2548] Connection#34830681 - Created connection from 10.211.55.4:49219 to 140.172.12.193:443.
System.Net Information: 0 : [2548] TlsStream#59226404::.ctor(host=madis-data.noaa.gov, #certs=0)
System.Net Information: 0 : [2548] Associating HttpWebRequest#27754753 with ConnectStream#58631946
System.Net Information: 0 : [2548] HttpWebRequest#27754753 - Request: GET /madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV HTTP/1.1

System.Net Information: 0 : [2548] ConnectStream#58631946 - Sending headers
{
Host: madis-data.noaa.gov
Connection: Keep-Alive
}.
System.Net Information: 0 : [2548] SecureChannel#35318308::.ctor(hostname=madis-data.noaa.gov, #clientCertificates=0, encryptionPolicy=RequireEncryption)
System.Net Information: 0 : [2548] Enumerating security packages:
System.Net Information: 0 : [2548]     Negotiate
System.Net Information: 0 : [2548]     NegoExtender
System.Net Information: 0 : [2548]     Kerberos
System.Net Information: 0 : [2548]     NTLM
System.Net Information: 0 : [2548]     TSSSP
System.Net Information: 0 : [2548]     pku2u
System.Net Information: 0 : [2548]     LiveSSP
System.Net Information: 0 : [2548]     WDigest
System.Net Information: 0 : [2548]     Schannel
System.Net Information: 0 : [2548]     Microsoft Unified Security Protocol Provider
System.Net Information: 0 : [2548]     CREDSSP
System.Net Information: 0 : [2548] SecureChannel#35318308 - Left with 0 client certificates to choose from.
System.Net Information: 0 : [2548] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent  = Outbound, scc     = System.Net.SecureCredential)
System.Net Information: 0 : [2548] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = madis-data.noaa.gov, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [2548] InitializeSecurityContext(In-Buffer length=0, Out-Buffer length=127, returned code=ContinueNeeded).
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Send()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Send
System.Net.Sockets Verbose: 0 : [2548] 00000000 : 16 03 01 00 7A 01 00 00-76 03 01 55 CB 07 87 0F : ....z...v..U....
System.Net.Sockets Verbose: 0 : [2548] 00000010 : 05 21 DE ED FF 2F E8 87-E5 CD 90 BF 81 CF B9 87 : .!.../..........
System.Net.Sockets Verbose: 0 : [2548] 00000020 : CA 7F 1A 5A D1 00 0B 67-FF A2 62 00 00 18 C0 14 : ...Z...g..b.....
System.Net.Sockets Verbose: 0 : [2548] 00000030 : C0 13 00 35 00 2F C0 0A-C0 09 00 38 00 32 00 0A : ...5./.....8.2..
System.Net.Sockets Verbose: 0 : [2548] 00000040 : 00 13 00 05 00 04 01 00-00 35 00 00 00 18 00 16 : .........5......
System.Net.Sockets Verbose: 0 : [2548] 00000050 : 00 00 13 6D 61 64 69 73-2D 64 61 74 61 2E 6E 6F : ...madis-data.no
System.Net.Sockets Verbose: 0 : [2548] 00000060 : 61 61 2E 67 6F 76 00 0A-00 06 00 04 00 17 00 18 : aa.gov..........
System.Net.Sockets Verbose: 0 : [2548] 00000070 : 00 0B 00 02 01 00 00 23-00 00 FF 01 00 01 00    : .......#.......
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Send()  -> Int32#127
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Receive()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Receive
System.Net.Sockets Verbose: 0 : [2548] 00000000 : 15 03 01 00 02                                  : .....
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Receive()   -> Int32#5
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Receive()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Receive
System.Net.Sockets Verbose: 0 : [2548] 00000005 : 02 28                                           : .(
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Receive()   -> Int32#2
System.Net Information: 0 : [2548] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 8c0ec23d10:c8f6c09a90, targetName = madis-data.noaa.gov, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [2548] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Dispose()
System.Net Error: 0 : [2548] Exception in HttpWebRequest#27754753:: - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Error: 0 : [2548] Exception in HttpWebRequest#27754753::GetResponse - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Verbose: 0 : [2548] WebRequest::Create(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV)
System.Net Verbose: 0 : [2548] HttpWebRequest#31219764::HttpWebRequest(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV#-2142986532)
System.Net Verbose: 0 : [2548] Exiting HttpWebRequest#31219764::HttpWebRequest() 
System.Net Verbose: 0 : [2548] Exiting WebRequest::Create()     -> HttpWebRequest#31219764
System.Net Verbose: 0 : [2548] HttpWebRequest#31219764::GetResponse()
System.Net Information: 0 : [2548] Associating HttpWebRequest#31219764 with ServicePoint#40143513
System.Net Information: 0 : [2548] Associating Connection#18847233 with HttpWebRequest#31219764
System.Net.Sockets Verbose: 0 : [2548] Socket#28460958::Socket(AddressFamily#2)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#28460958::Socket() 
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Socket(AddressFamily#23)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#25961122::Socket() 
System.Net.Sockets Verbose: 0 : [2548] Socket#28460958::Connect(140.172.12.193:443#-1056133833)
System.Net.Sockets Information: 0 : [2548] Socket#28460958 - Created connection from 10.211.55.4:49220 to 140.172.12.193:443.
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#28460958::Connect() 
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Close()
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Dispose()
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#25961122::Close()

没有必须安装的证书才能工作,但我在跟踪输出中看到“剩下 0 个客户端证书可供选择。”不过,我不知道如何解决这个问题。

我已经在 StackOverflow 和网络上搜索了数小时的解决方案,但没有成功。有人对我有什么建议吗?

更新:作为一种解决方法,我尝试使用命令行中的 powershell 来获取数据,但令人惊讶的是收到了同样的错误!这向我表明问题出在 Windows 而不是我的 .NET 实现上。

这是我的命令行的输出:

C:\>powershell -Command "(New-Object Net.WebCl
ient).DownloadFile('https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPub
licDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lo
nll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&c
svmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nv
ars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&
nvars=PRESWEA&nvars=SKYCOV', 'madis.csv')"
Exception calling "DownloadFile" with "2" argument(s): "The request was
aborted: Could not create SSL/TLS secure channel."
At line:1 char:1
+ (New-Object
Net.WebClient).DownloadFile('https://madis-data.noaa.gov/madisPublic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : WebException

最佳答案

这在 PowerShell 中对我有用:

$url = "https://madis-data.noaa.gov/madisPublic1..."
$filename = "madis.csv"

[Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls

$webClient = new-object System.Net.WebClient
$webClient.DownloadFile( $url, $filename )

这在 C# 中有效

var url = @"https://madis-data.noaa.gov/madisPublic1...";
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;

WebClient wc = new WebClient();
wc.DownloadFile(url, "madis.csv");

关于c# - 错误 "Could not create SSL/TLS secure channel."尽管手动设置 TLS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31962795/

上一篇:ssl - 如何使用 https 配置 Nancyfx

下一篇:SSL - 安装证书后 CN 无效(获取 CN *.herokuapp.com)

相关文章:

WordPress 不会在我的一生中强制使用 SSL

c# - select/epoll/kqueue 的 C# 等效函数是什么?

c# - linq2sql 中的简单急切/延迟加载示例

c# - 如何在同一台机器上打开 2 个命名管道?

c# - `as` 会启用多态性吗?将继承的类传递给采用基类启用多态性的方法?

java - 如何在 Java 中接收 SSL 套接字数据?

javascript - ASP.Net 数组因 Javascript 函数而失去结构

java - 将 Apache HttpComponents 用于 https 请求 : "peer not authenticated" and "handshake_failure" errors

java - 通过 gmail 从 java 发送电子邮件时出现异常

amazon-web-services - 在 AWS 推荐上部署 Node Express

©2024 IT工具网  联系我们