我有一个调用SOAP Web服务的.NET应用程序,它已经运行多年但是几天前它在Windows(Server 2012 R2)安全更新后停止工作(有很多我不知道哪个一)。 Microsoft已发布了一些有关该问题的文章,但所有描述的解决方法都不起作用:
我正在调用的服务使用SSL3 / TLS1.0,提供程序不能/不会将其升级到TLS1.2。此外,我在旧的Windows 2008R2中测试了我的应用程序,它没有.NET4更新,并且它像之前一样工作。
我的代码:
string url = "https://weblogic_server:7070/app/Service";
string text = "<soapenv:Envelope>...</soapenv:Envelope>";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
ServicePointManager.ServerCertificateValidationCallback = (sender, cert, chain, error) =>
{
return true;
};
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;
//ServicePointManager.Expect100Continue = false; // did nothing good
//ServicePointManager.UseNagleAlgorithm = false; // did nothing good
byte[] bytes = System.Text.Encoding.ASCII.GetBytes(text);
request.ContentType = "text/xml; encoding='utf-8'";
request.Timeout = 1000000000;
request.ContentLength = bytes.Length;
request.KeepAlive = true;
request.Method = "POST";
using (Stream stm = request.GetRequestStream()) // Exception
{
using (StreamWriter stmw = new StreamWriter(stm))
{
stmw.Write(text);
}
}
using (StreamReader responseReader = new StreamReader(request.GetResponse().GetResponseStream()))
{
string resultText = responseReader.ReadToEnd();
HttpWebResponse resp = (HttpWebResponse)request.GetResponse();
Console.WriteLine(resp);
Console.WriteLine(resultText);
}
异常代码是:
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: The handshake failed due to an unexpected packet format.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
我的问题是:
- 除了文章中描述的内容之外,还有其他方法/解决方法可以使这个调用工作吗?
- 代码在.NET2.0下工作正常,.NET4.0没有更新到.NET4.6,是否有办法强制应用程序使用特定的旧System.dll(从Windows 2008R2机器复制)?我尝试手动添加它作为参考,但CLR总是使用GAC的
- 是否可能超载HttpWebRequest并以某种方式强制它使用SSL3?
感谢。