c# - WCFTestClient 通过禁用 TLS 1.0 和 TLS 1.1 给出错误消息

Question

出于安全考虑，我们在服务器中禁用了 TLS 1.0 和 TLS 1.1，并启用了 TLS 1.2
当我们使用 WCFTestClient 调用 WCF Webservice 时，我们会收到以下错误消息。
我尝试了很多方法来修复，但没有任何效果(引用:- https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#configuring-security-via-appcontext-switches)
我发现一篇文章 WCFTestClient 有问题，但不确定。
(https://developercommunity.visualstudio.com/t/wcf-test-client-does-not-support-tls-12/1193549)
任何人都可以帮忙吗
接收对 https://devseatm07.europe.shell.com/EventCollectorService/v3.svc 的 HTTP 响应时出错.这可能是由于服务端点绑定(bind)未使用 HTTP 协议(protocol)。这也可能是由于服务器中止了 HTTP 请求上下文(可能是由于服务关闭)。有关更多详细信息，请参阅服务器日志。
服务器堆栈跟踪:

System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

   Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage 
   retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at IEventCollectorService.ReceiveEvent(EventMessage eventMessage)
   at EventCollectorServiceClient.ReceiveEvent(EventMessage eventMessage)

   Inner Exception:
   The underlying connection was closed: An unexpected error occurred on a receive.
   at System.Net.HttpWebRequest.GetResponse()
   at 
 
 
   System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)

   Inner Exception:
   The client and server cannot communicate, because they do not possess a common algorithm
   at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
   at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
   at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, X509Certificate2 selectedCert, Flags flags)
   at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
   at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
   at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.TlsStream.CallProcessAuthentication(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.ConnectStream.WriteHeaders(Boolean async)

Answer 1

The client and server cannot communicate, because they do not possess a common algorithm

此错误是由于在调用 API 或服务之前未使用 TLS 1.2 协议(protocol)，导致密码算法不匹配造成的。
您可以设置 SecurityProtocol 变量。
您要做的第一件事是在您的 ASP.NET 项目中添加以下代码行:

//Add TLS 1.2 to the supported cryptographic protocols
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

如果您的 .NET Framework 版本为 4.5 或更低，或者如果您没有“Tls12”类型的值，则只需使用 int 值，即 3072:

// Add TLS 1.2 to the supported cryptographic protocols (for .NET Framework < 4.5)
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

插入此行的最佳位置是 Global.asax (ASP.NET 4.x) 或 Startup.cs (ASP.NET 5/.NET Core) 文件中的 Application_Start() 方法。您还可以尝试其他解决方案: https://www.ryadel.com/en/asp-net-client-server-cannot-comunicate-because-they-possess-common-algorithm-how-to-fix-c-sharp/