How to allow .NET to use insecure algorithms to validate certificates in SSL/TLS

Time: 2018-06-15 21:58:23

Tags: c# .net

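We are trying to integrate with a service that uses a certificate signed with an algorithm that is now considered insecure (we have no control over this). We managed to do this in Java by commenting out the jdk.tls.disabledAlgorithms line in java.security (which is used to disable validation with insecure algorithms), as described here: SSL handshake exception: "Algorithm constraints check failed: MD5withRSA"

However, I am now trying to call the service from a .NET WCF auto-generated client, but the code throws a WebException: The request was aborted: Could not create SSL/TLS secure channel. I believe it is for the same reason. How can I instruct the framework to accept any hash algorithm when validating the certificate?

Here is our code: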

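using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static void Main(string[] args)
{
    var ws = new ViabilidadePrefeituraWSClient();
    // Accept every server certificate, whatever errors validation reports.
    ServicePointManager.ServerCertificateValidationCallback =
        delegate (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        { return true; };
    ServicePointManager.Expect100Continue = true;
    // Enable SSL 3.0 and TLS 1.0 through 1.2.
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;

    // Call the service operation on the generated WCF client.
    ws.recuperaViabilidadesPendentes("");
}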

Here is our App.config:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
    </startup>
    <system.serviceModel>
        <diagnostics performanceCounters="Default" />
        <behaviors>
            <endpointBehaviors>
                <behavior name="NewBehavior0">
                    <clientCredentials useIdentityConfiguration="false">
                        <clientCertificate findValue="www.santaluzia.mg.gov.br" storeLocation="LocalMachine"
                            storeName="TrustedPeople" x509FindType="FindBySubjectName" />
                        <serviceCertificate>
                            <defaultCertificate findValue="newsrmwildfly.jucemg.intranet"
                                storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectName" />
                            <authentication certificateValidationMode="PeerOrChainTrust" />
                        </serviceCertificate>
                    </clientCredentials>
                </behavior>
            </endpointBehaviors>
        </behaviors>
        <bindings>
            <basicHttpBinding>
                <binding name="NewBinding2">
                    <security mode="Transport">
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <client>
            <endpoint address="https://wssecprefeituras.jucemg.mg.gov.br/empreendimento/service/ViabilidadePrefeituraWS"
                behaviorConfiguration="NewBehavior0" binding="basicHttpBinding"
                bindingConfiguration="NewBinding2" contract="ViabilidadePrefeituraWS.ViabilidadePrefeituraWS"
                name="ViabilidadePrefeituraWSPort" />
        </client>
    </system.serviceModel>
</configuration>

0 answers:

No answers
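
An added example (not part of the original question or its code): a validation callback that, instead of returning true for every certificate as in the code above, logs the signature algorithm of each chain element and overrides policy errors only for the endpoint host from the App.config when the server presents one pinned certificate. The class and method names and the SHA-256 placeholder are assumptions; the real hash has to be obtained out of band.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PinnedTls   // hypothetical helper, not from the original post
{
    // Host taken from the endpoint address in the App.config above.
    const string PinnedHost = "wssecprefeituras.jucemg.mg.gov.br";
    // Placeholder: SHA-256 (hex) of the expected server certificate, obtained out of band.
    const string PinnedSha256 = "<SHA256-HEX-OF-EXPECTED-SERVER-CERT>";

    public static string Sha256Hex(X509Certificate cert)
    {
        using (var sha = SHA256.Create())
            return BitConverter.ToString(sha.ComputeHash(cert.GetRawCertData())).Replace("-", "");
    }

    public static bool Validate(object sender, X509Certificate cert,
                                X509Chain chain, SslPolicyErrors errors)
    {
        // Diagnostic: show which algorithm signed each certificate in the chain.
        if (chain != null)
            foreach (X509ChainElement e in chain.ChainElements)
                Console.WriteLine("{0} signed with {1}",
                    e.Certificate.Subject, e.Certificate.SignatureAlgorithm.FriendlyName);

        // A certificate that passes normal validation needs no exception.
        if (errors == SslPolicyErrors.None) return true;

        // Otherwise accept only the pinned certificate, and only for the pinned host.
        var request = sender as HttpWebRequest;
        bool hostOk = request != null && string.Equals(
            request.Address.Host, PinnedHost, StringComparison.OrdinalIgnoreCase);
        bool certOk = cert != null && string.Equals(
            Sha256Hex(cert), PinnedSha256, StringComparison.OrdinalIgnoreCase);
        Console.WriteLine("Policy errors: {0}; host pinned: {1}; cert pinned: {2}",
            errors, hostOk, certOk);
        return hostOk && certOk;
    }

    // Call once at startup, before the first request is sent.
    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }
}
```

The callback only runs if the handshake gets as far as certificate validation; "Could not create SSL/TLS secure channel" may be raised by the TLS stack before that point, in which case nothing is logged and the cause lies outside this callback.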