错误“无法创建SSL/TLS安全通道”.尽管手动设置TLS
本文关键字:TLS 通道 设置 安全 错误 创建 无法创建 SSL | 更新日期: 2023-09-27 18:07:23
这是我在Windows 8上运行的c#代码:
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse(); // FAIL!!!
异常是"Could not create SSL/TLS secure channel."
如果我在浏览器中尝试URL,它可以工作。查看证书(这是一个HTTPS请求),我可以看到证书使用以下内容:
Your connection to madis-data.noaa.gov is encrypted using an obsolete cipher suite.
The connection uses TLS 1.0.
The connection is encrypted using AES_128_CBC,
with HMAC-SHA1 for message authentication and DHE_RSA
as the key exchange mechanism.
我已经打开了web中的跟踪。配置查看到底发生了什么,下面是输出:
System.Net Information: 0 : [13952] ConnectStream#38701186::ConnectStream(Buffered 5 bytes.)
System.Net Information: 0 : [13952] Associating HttpWebRequest#59795752 with ConnectStream#38701186
System.Net Information: 0 : [13952] Associating HttpWebRequest#59795752 with HttpWebResponse#1266475
System.Net Verbose: 0 : [13952] Exiting HttpWebRequest#59795752::GetResponse() -> HttpWebResponse#1266475
System.Net Verbose: 0 : [13952] HttpWebResponse#1266475::GetResponseStream()
System.Net Information: 0 : [13952] ContentLength=5
System.Net Verbose: 0 : [13952] Exiting HttpWebResponse#1266475::GetResponseStream() -> ConnectStream#38701186
System.Net Verbose: 0 : [13952] ConnectStream#38701186::Read()
System.Net Verbose: 0 : [13952] Data from ConnectStream#38701186::Read
System.Net Verbose: 0 : [13952] 00000000 : 44 6F 6E 65 2E : Done.
System.Net Verbose: 0 : [13952] Exiting ConnectStream#38701186::Read() -> Int32#5
System.Net Verbose: 0 : [13952] ConnectStream#38701186::Read()
System.Net Verbose: 0 : [13952] Exiting ConnectStream#38701186::Read() -> Int32#0
System.Net Verbose: 0 : [2548] WebRequest::Create(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV)
System.Net Verbose: 0 : [2548] HttpWebRequest#27754753::HttpWebRequest(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV#-2142986532)
System.Net Verbose: 0 : [2548] Exiting HttpWebRequest#27754753::HttpWebRequest()
System.Net Verbose: 0 : [2548] Exiting WebRequest::Create() -> HttpWebRequest#27754753
System.Net Verbose: 0 : [2548] HttpWebRequest#27754753::GetResponse()
System.Net Verbose: 0 : [2548] ServicePoint#40143513::ServicePoint(madis-data.noaa.gov:443)
System.Net Information: 0 : [2548] Associating HttpWebRequest#27754753 with ServicePoint#40143513
System.Net Information: 0 : [2548] Associating Connection#34830681 with HttpWebRequest#27754753
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Socket(AddressFamily#2)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Socket()
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Socket(AddressFamily#23)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#729977::Socket()
System.Net.Sockets Verbose: 0 : [2548] DNS::TryInternalResolve(madis-data.noaa.gov)
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Connect(140.172.12.193:443#-1056133833)
System.Net.Sockets Information: 0 : [2548] Socket#36216217 - Created connection from 10.211.55.4:49219 to 140.172.12.193:443.
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Connect()
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Close()
System.Net.Sockets Verbose: 0 : [2548] Socket#729977::Dispose()
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#729977::Close()
System.Net Information: 0 : [2548] Connection#34830681 - Created connection from 10.211.55.4:49219 to 140.172.12.193:443.
System.Net Information: 0 : [2548] TlsStream#59226404::.ctor(host=madis-data.noaa.gov, #certs=0)
System.Net Information: 0 : [2548] Associating HttpWebRequest#27754753 with ConnectStream#58631946
System.Net Information: 0 : [2548] HttpWebRequest#27754753 - Request: GET /madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV HTTP/1.1
System.Net Information: 0 : [2548] ConnectStream#58631946 - Sending headers
{
Host: madis-data.noaa.gov
Connection: Keep-Alive
}.
System.Net Information: 0 : [2548] SecureChannel#35318308::.ctor(hostname=madis-data.noaa.gov, #clientCertificates=0, encryptionPolicy=RequireEncryption)
System.Net Information: 0 : [2548] Enumerating security packages:
System.Net Information: 0 : [2548] Negotiate
System.Net Information: 0 : [2548] NegoExtender
System.Net Information: 0 : [2548] Kerberos
System.Net Information: 0 : [2548] NTLM
System.Net Information: 0 : [2548] TSSSP
System.Net Information: 0 : [2548] pku2u
System.Net Information: 0 : [2548] LiveSSP
System.Net Information: 0 : [2548] WDigest
System.Net Information: 0 : [2548] Schannel
System.Net Information: 0 : [2548] Microsoft Unified Security Protocol Provider
System.Net Information: 0 : [2548] CREDSSP
System.Net Information: 0 : [2548] SecureChannel#35318308 - Left with 0 client certificates to choose from.
System.Net Information: 0 : [2548] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent = Outbound, scc = System.Net.SecureCredential)
System.Net Information: 0 : [2548] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = madis-data.noaa.gov, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [2548] InitializeSecurityContext(In-Buffer length=0, Out-Buffer length=127, returned code=ContinueNeeded).
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Send()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Send
System.Net.Sockets Verbose: 0 : [2548] 00000000 : 16 03 01 00 7A 01 00 00-76 03 01 55 CB 07 87 0F : ....z...v..U....
System.Net.Sockets Verbose: 0 : [2548] 00000010 : 05 21 DE ED FF 2F E8 87-E5 CD 90 BF 81 CF B9 87 : .!.../..........
System.Net.Sockets Verbose: 0 : [2548] 00000020 : CA 7F 1A 5A D1 00 0B 67-FF A2 62 00 00 18 C0 14 : ...Z...g..b.....
System.Net.Sockets Verbose: 0 : [2548] 00000030 : C0 13 00 35 00 2F C0 0A-C0 09 00 38 00 32 00 0A : ...5./.....8.2..
System.Net.Sockets Verbose: 0 : [2548] 00000040 : 00 13 00 05 00 04 01 00-00 35 00 00 00 18 00 16 : .........5......
System.Net.Sockets Verbose: 0 : [2548] 00000050 : 00 00 13 6D 61 64 69 73-2D 64 61 74 61 2E 6E 6F : ...madis-data.no
System.Net.Sockets Verbose: 0 : [2548] 00000060 : 61 61 2E 67 6F 76 00 0A-00 06 00 04 00 17 00 18 : aa.gov..........
System.Net.Sockets Verbose: 0 : [2548] 00000070 : 00 0B 00 02 01 00 00 23-00 00 FF 01 00 01 00 : .......#.......
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Send() -> Int32#127
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Receive()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Receive
System.Net.Sockets Verbose: 0 : [2548] 00000000 : 15 03 01 00 02 : .....
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Receive() -> Int32#5
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Receive()
System.Net.Sockets Verbose: 0 : [2548] Data from Socket#36216217::Receive
System.Net.Sockets Verbose: 0 : [2548] 00000005 : 02 28 : .(
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#36216217::Receive() -> Int32#2
System.Net Information: 0 : [2548] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 8c0ec23d10:c8f6c09a90, targetName = madis-data.noaa.gov, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [2548] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=IllegalMessage).
System.Net.Sockets Verbose: 0 : [2548] Socket#36216217::Dispose()
System.Net Error: 0 : [2548] Exception in HttpWebRequest#27754753:: - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Error: 0 : [2548] Exception in HttpWebRequest#27754753::GetResponse - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Verbose: 0 : [2548] WebRequest::Create(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV)
System.Net Verbose: 0 : [2548] HttpWebRequest#31219764::HttpWebRequest(https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPublicDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lonll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&csvmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nvars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&nvars=PRESWEA&nvars=SKYCOV#-2142986532)
System.Net Verbose: 0 : [2548] Exiting HttpWebRequest#31219764::HttpWebRequest()
System.Net Verbose: 0 : [2548] Exiting WebRequest::Create() -> HttpWebRequest#31219764
System.Net Verbose: 0 : [2548] HttpWebRequest#31219764::GetResponse()
System.Net Information: 0 : [2548] Associating HttpWebRequest#31219764 with ServicePoint#40143513
System.Net Information: 0 : [2548] Associating Connection#18847233 with HttpWebRequest#31219764
System.Net.Sockets Verbose: 0 : [2548] Socket#28460958::Socket(AddressFamily#2)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#28460958::Socket()
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Socket(AddressFamily#23)
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#25961122::Socket()
System.Net.Sockets Verbose: 0 : [2548] Socket#28460958::Connect(140.172.12.193:443#-1056133833)
System.Net.Sockets Information: 0 : [2548] Socket#28460958 - Created connection from 10.211.55.4:49220 to 140.172.12.193:443.
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#28460958::Connect()
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Close()
System.Net.Sockets Verbose: 0 : [2548] Socket#25961122::Dispose()
System.Net.Sockets Verbose: 0 : [2548] Exiting Socket#25961122::Close()
不需要安装证书,但我在跟踪输出中看到"剩下0个客户端证书可供选择"。我不知道如何解决这个问题。
我已经在StackOverflow和网络上搜索了几个小时,但没有成功。有人有什么建议吗?
更新:作为一种解决方案,我尝试从命令行使用powershell来获取数据,令人惊讶的是收到了同样的错误!这表明问题出在Windows而不是我的。net实现上。
下面是我的命令行输出:C:'>powershell -Command "(New-Object Net.WebCl
ient).DownloadFile('https://madis-data.noaa.gov/madisPublic1/cgi-bin/madisXmlPub
licDir?rdr=&time=0&minbck=-90&minfwd=0&recwin=3&dfltrsel=0&state=AK&latll=0.0&lo
nll=0.0&latur=90.0&lonur=0.0&stanam=&stasel=0&pvdrsel=0&varsel=1&qcsel=0&xml=2&c
svmiss=1&nvars=WMOID&nvars=TD&nvars=RH&nvars=ALTSE&nvars=P&nvars=PT3&nvars=DD&nv
ars=T&nvars=TV&nvars=FF&nvars=FFGUST&nvars=ELEV&nvars=LAT&nvars=LON&nvars=PCP1H&
nvars=PRESWEA&nvars=SKYCOV', 'madis.csv')"
Exception calling "DownloadFile" with "2" argument(s): "The request was
aborted: Could not create SSL/TLS secure channel."
At line:1 char:1
+ (New-Object
Net.WebClient).DownloadFile('https://madis-data.noaa.gov/madisPublic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WebException
这在PowerShell中对我很有效:
$url = "https://madis-data.noaa.gov/madisPublic1..."
$filename = "madis.csv"
[Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls
$webClient = new-object System.Net.WebClient
$webClient.DownloadFile( $url, $filename )
,这在c#
中有效var url = @"https://madis-data.noaa.gov/madisPublic1...";
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
WebClient wc = new WebClient();
wc.DownloadFile(url, "madis.csv");
问题是主机上有问题的SSL证书,现已解决。