.NET 4.5.1 中的 WCF 客户端:如何在使用 WebRequest 时启用 TLS 1.2?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29663974/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
WCF Client in .NET 4.5.1: How to enable TLS 1.2 when WebRequest is used?
提问by Jonesome Reinstate Monica
Our .net WCF Client, the WebRequest call, compiled to a windows EXE, running on Win2012-R2, refuses to connect to a web server that surfaces ONLY TLS 1.2
我们的 .net WCF 客户端,WebRequest 调用,编译为 Windows EXE,在 Win2012-R2 上运行,拒绝连接到仅显示 TLS 1.2 的 Web 服务器
We know that Win2012 and .NET 4.5x support TLS 1.2
我们知道 Win2012 和 .NET 4.5x 支持 TLS 1.2
We have no problems when the server surfaces TLS 1.0 and up. The problem is only seen when the server we connect to has DISABLED TLS 1.0, 1.1 and SSL2 and SSL3. The Server ONLY surfaces TLS 1.2. Chrome and firefox (on Win 7 and higher) connect fine to the server (no warnings or SSL issues of any kind).
当服务器显示 TLS 1.0 及更高版本时,我们没有问题。只有当我们连接的服务器禁用 TLS 1.0、1.1 和 SSL2 和 SSL3 时才会出现问题。服务器仅显示 TLS 1.2。Chrome 和 firefox(在 Win 7 及更高版本上)可以很好地连接到服务器(没有任何警告或 SSL 问题)。
The server certificate is %100 OK.
服务器证书为 %100 OK。
The problem is that WebRequest fails to connect in this situation.
问题是 WebRequest 在这种情况下无法连接。
What do we need to set in code so that our use of WebRequest will connect to systems that may run TLS 1.2, 1.1, 1.0, and/or SSL v3?
我们需要在代码中设置什么,以便我们使用 WebRequest 连接到可能运行 TLS 1.2、1.1、1.0 和/或 SSL v3 的系统?
回答by Jonesome Reinstate Monica
While not easy to figure out, the needed property is:
虽然不容易弄清楚,但所需的属性是:
System.Net.ServicePointManager.SecurityProtocol
System.Net.ServicePointManager.SecurityProtocol
This can be used to disable and enable TLS levels in the WCF environment.
这可用于在 WCF 环境中禁用和启用 TLS 级别。
Further, you can see what WCF is currently set to using:
此外,您可以查看 WCF 当前设置为使用的内容:
Console.WriteLine(System.Net.ServicePointManager.SecurityProtocol.ToString());
With thanks to: How do I disable SSL fallback and use only TLS for outbound connections in .NET? (Poodle mitigation)
回答by Yujie
You should work with .NET 4.5 or above version and add this line in your code:
您应该使用 .NET 4.5 或更高版本并在您的代码中添加以下行:
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
回答by J.Wincewicz
What is important, you should start with .Net Framework v4.5at least. Older versions do notsupport TSL 1.2. Later on, while authenticating to the server explicitly use this protocol:
重要的是,你.Net Framework v4.5至少应该开始。旧版本不支持TSL 1.2. 稍后,在向服务器进行身份验证时,明确使用此协议:
sslStream.AuthenticateAsClient(this._configuration.Host, null, SslProtocols.Tls12, true);
