我需要通过https访问Web服务,其证书存在一些问题。在Chrome中,它表明网站的身份已经确认,但没有公开录入。
当向该网址发出httprequest时,我收到错误System.Net.WebExceptionStatus.SecureChannelFailure
“请求已中止:无法创建SSL / TLS安全通道。”
我尝试使用
禁用证书验证ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
{
// If the certificate is a valid, signed certificate, return true.
if (error == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
Console.WriteLine("X509Certificate [{0}] Policy Error: '{1}'",
cert.Subject,
error.ToString());
return false;
}
但回调甚至没有被击中。如果我请求一个不同的(有效)URL,则会回击该回调。
有什么方法可以进一步调试这个问题吗?
以下是完整的示例代码:
private void button1_Click(object sender, EventArgs e)
{
string url = "https://domainwithsslissues.";
string method = "get";
ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
HttpWebRequest ws = (HttpWebRequest)WebRequest.Create(url);
ws.Credentials = CredentialCache.DefaultCredentials;
ws.Method = method;
using (HttpWebResponse webResponse = (HttpWebResponse)ws.GetResponse())
{
using (Stream responseStream = webResponse.GetResponseStream())
{
using (StreamReader responseStreamReader = new StreamReader(responseStream, true))
{
string response = responseStreamReader.ReadToEnd();
Console.WriteLine(response);
responseStreamReader.Close();
}
responseStream.Close();
}
webResponse.Close();
}
}
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
{
if (error == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
Console.WriteLine("X509Certificate [{0}] Policy Error: '{1}'",
cert.Subject,
error.ToString());
return false;
}
答案 0 :(得分:1)
事实证明,Web服务需要TLS 1.1。或.NET 1.2中不支持的