【发布时间】:2021-08-20 13:06:12
【问题描述】:
我们在服务器中禁用了 TLS1.0 和 1.1,仅启用了 TLS1.2。但是我们遇到了以下异常。
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.TlsStream.CallProcessAuthentication(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
我们尝试了以下解决方案。
.Net 框架版本为 4.6.2。 有什么解决办法吗?
【问题讨论】:
-
您使用的是哪个 Windows 版本?默认情况下,TLS1.2 应在仍受支持的所有 Windows 版本中使用。在 .NET 中,4.6.2 及更高版本自动使用操作系统的加密。这意味着您应该能够在 Windows 10 1903 及更高版本中使用 TLS1.3
-
在旧的、不受支持的 Windows 版本中,您需要添加适当的更新或进行一些注册表调整以启用 TLS1.2
-
Windows Server 2019 @PanagiotisKanavos
-
Windows Server 2019,在代码中我们设置了 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls |安全协议类型.Tls11 |安全协议类型.Tls12 |安全协议类型.Ssl3;在 WebRequest @PanagiotisKanavos 之前
-
当您说要禁用启用旧协议时,该行启用。反正也不需要。使用 Fiddler 之类的调试代理来检查客户端和服务器之间的协议协商。在
CONNECT调用中,请求包含客户端提供的参数,响应包含服务器接受的参数。
标签: c# tls1.2 webrequest