我正在mono -V上运行单声道5.4(Mono JIT compiler version 5.4.1.6 (tarball Wed Nov 8 17:02:20 UTC 2017)报告CentOS 6.9 (Final))。
它是使用http://www.mono-project.com/download/#download-lin-centos
中的说明安装的我有一个使用Stripe.net与Stripe信用卡提供商交谈的程序。但是所有交易都会被邮件Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later. You can learn more about this at https://stripe.com/blog/upgrading-tls拒绝。
我编写了一个测试程序,看看mono是否正在使用tls1.2,其中包括尝试强制它执行此操作:
class Program
{
static void Main(string[] args)
{
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
File.WriteAllText("howsmyssl-httpclient.html", new HttpClient().GetStringAsync("https://www.howsmyssl.com").Result);
}
}
当我查看文件时,它说(除其他外):
Bad Your client is open to the BEAST attack. It's using TLS 1.0 or earlier while also supporting a cipher suite that uses Cipher-Block Chaining and doesn't implement the 1/n-1 record splitting mitigation. That combination will leak information.
有没有办法迫使单声道HttpClient使用TLS1.2?