日期:2019-03-24  浏览次数:6442 次

1、请求被中止: 未能创建 SSL/TLS 安全通道。NET4.0下解决方案

2、SecurityProtocolType.Tls12 NET4.0下解决方案 

//System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
 
                    //处理HttpWebRequest访问https有安全证书的问题( 请求被中止: 未能创建 SSL/TLS 安全通道。)
                    //ServicePointManager.ServerCertificateValidationCallback += (s, cert, chain, sslPolicyErrors) => true;
                    //ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
 
                    ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
 
敌乎网友回答:

System.Net.ServicePointManager.SecurityProtocol在两个.NET中的默认值4.0/4.5SecurityProtocolType.Tls|SecurityProtocolType.Ssl3

.NET 4.0以支持最高TLS 1.0同时.NET 4.5支持最多TLS 1.2

但是,应用程序定位.NET 4.0仍可以支持最多安装在相同环境中的TLS 1.2if .NET 4.5.NET 4.5安装在上面.NET 4.0,替换System.dll

我通过观察在流量中设置的正确安全协议fiddler4并通过在.NET 4.0项目中手动设置枚举值来验证了这一点:

ServicePointManager.SecurityProtocol = (SecurityProtocolType)192 |
(SecurityProtocolType)768 | (SecurityProtocolType)3072;

参考资料:

namespace System.Net
{
    [System.Flags]
    public enum SecurityProtocolType
    {
       Ssl3 = 48,
       Tls = 192,
       Tls11 = 768,
       Tls12 = 3072,
    }
}

如果尝试在仅.NET 4.0安装了环境的情况下进行破解,您将得到以下异常:

Unhandled Exception: System.NotSupportedException: The requested security protocol is not supported. at System.Net.ServicePointManager.set_SecurityProtocol(SecurityProtocolType v alue)

不过,我不会推荐这种“黑客”,因为未来的补丁等可能会破坏它。*

因此,我决定取消支持的最佳途径SSLv3是:

  1. 升级所有应用程序 .NET 4.5
  2. 添加以下代码以增强代码以覆盖默认和将来的证明: System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;