出于安全考虑,我们在服务器中禁用了 TLS 1.0 和 TLS 1.1,并启用了 TLS 1.2
当我们使用 WCFTestClient 调用 WCF Webservice 时,我们会收到以下错误消息。
我尝试了很多方法来修复,但没有任何效果(引用:- https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#configuring-security-via-appcontext-switches)
我发现一篇文章 WCFTestClient 有问题,但不确定。
(https://developercommunity.visualstudio.com/t/wcf-test-client-does-not-support-tls-12/1193549)
任何人都可以帮忙吗
接收对 https://devseatm07.europe.shell.com/EventCollectorService/v3.svc 的 HTTP 响应时出错.这可能是由于服务端点绑定(bind)未使用 HTTP 协议(protocol)。这也可能是由于服务器中止了 HTTP 请求上下文(可能是由于服务关闭)。有关更多详细信息,请参阅服务器日志。
服务器堆栈跟踪:
System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage
retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at IEventCollectorService.ReceiveEvent(EventMessage eventMessage)
at EventCollectorServiceClient.ReceiveEvent(EventMessage eventMessage)
Inner Exception:
The underlying connection was closed: An unexpected error occurred on a receive.
at System.Net.HttpWebRequest.GetResponse()
at
System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
Inner Exception:
The client and server cannot communicate, because they do not possess a common algorithm
at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, X509Certificate2 selectedCert, Flags flags)
at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.TlsStream.CallProcessAuthentication(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
最佳答案
The client and server cannot communicate, because they do not possess a common algorithm
此错误是由于在调用 API 或服务之前未使用 TLS 1.2 协议(protocol),导致密码算法不匹配造成的。
您可以设置 SecurityProtocol 变量。
您要做的第一件事是在您的 ASP.NET 项目中添加以下代码行:
//Add TLS 1.2 to the supported cryptographic protocols
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
如果您的 .NET Framework 版本为 4.5 或更低,或者如果您没有“Tls12”类型的值,则只需使用 int 值,即 3072:// Add TLS 1.2 to the supported cryptographic protocols (for .NET Framework < 4.5)
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
插入此行的最佳位置是 Global.asax (ASP.NET 4.x) 或 Startup.cs (ASP.NET 5/.NET Core) 文件中的 Application_Start() 方法。您还可以尝试其他解决方案: https://www.ryadel.com/en/asp-net-client-server-cannot-comunicate-because-they-possess-common-algorithm-how-to-fix-c-sharp/
关于c# - WCFTestClient 通过禁用 TLS 1.0 和 TLS 1.1 给出错误消息,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/70203539/