堆栈内存溢出
  简体   繁体   English

WCF服务+客户端(TLS1.2问题)

[英]WCF Service + Client (TLS1.2 Issue)

 原文  2017-06-16 00:53:39       c#/ web-services/ wcf/ wsdl/ tls1.2

问题描述

Our Server has had SSLv3, TLS1.0 and TLS1.1 disabled. 我们的服务器已禁用SSLv3,TLS1.0和TLS1.1。 Due to this, Visual Studio fails when trying to Add Service Reference when trying to retrieve the WSDL. 因此,在尝试检索WSDL时尝试添加服务引用时,Visual Studio失败。

"The underlying connection was closed: An unexpected error occurred on a send. Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. An existing connection was forcibly closed by the remote host Metadata contains a reference that cannot be resolved: An error occurred while making the HTTP request to https://mywebsite.com/Service/Service.svc?wsdl . This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. The underlying connection was closed: An unexpected error occurred on a send. Authentication failed because the remote party has closed the transport stream. If the service is defined in the current solution, try building the solution and adding the service reference again." “基础连接已关闭:发送中发生意外错误。无法从传输连接中读取数据:远程主机强行关闭了现有连接。远程主机强行关闭了现有连接。元数据包含一个引用,无法解决:向https://mywebsite.com/Service/Service.svc?wsdl发出HTTP请求时发生错误,这可能是由于服务器证书未在HTTP.SYS中正确配置而导致的。 HTTPS情况,这也可能是由于客户端和服务器之间的安全绑定不匹配引起的。基础连接已关闭:发送中发生意外错误,身份验证失败,因为远程方已关闭传输流。服务已在当前解决方案中定义,请尝试构建解决方案并再次添加服务引用。”

The WSDL is accessible in the browser. 可以在浏览器中访问WSDL。 The WSDL downloads okay when TLS 1.0/1.1 and SSLv3 are enabled. 启用TLS 1.0 / 1.1和SSLv3后,WSDL可以正常下载。 However, due to PCI requirements we have to disable SSLV3, TLS1.0 and TLS1.1. 但是,由于PCI要求,我们必须禁用SSLV3,TLS1.0和TLS1.1。

I am aware of the following System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; 我知道以下System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; but am not quite sure if this would go in the connecting Console Client or the WCF Service (or both). 但不确定是否会在连接的控制台客户端或WCF服务(或两者)中使用。

Any advice would be appreciated 任何意见,将不胜感激

1 个解决方案

解决方案1
 1 已采纳  2017-06-16 05:36:03

The line below line needs to be in the client, as that is what is making the connection. 该行下方的行需要在客户端中,因为这就是进行连接的原因。 

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

As per this blog TLS 1.2 and .NET Support: How to Avoid Connection Errors , the above will work for .Net 4.5 根据此博客的TLS 1.2和.NET支持:如何避免连接错误 ,以上内容适用于.Net 4.5

For .Net 4.6 and above it will default to TLS 1.2 and you do not need to specify TLS 1.2 对于.Net 4.6及更高版本,它将默认为TLS 1.2,并且您无需指定TLS 1.2

For .Net 4.0 you need the below instead. 对于.Net 4.0,您需要以下内容。 

 System.Net.ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

NET 3.5 or below you need to install the appropriate Microsoft Patch for your OS (listed in the blog). NET 3.5或更低版本,您需要为您的操作系统安装适当的Microsoft补丁程序(在博客中列出)。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 客户端证书不是由.Net App使用TLS1.2发送的 - Client certificate is not sent by .Net App using TLS1.2 使用HttpClient和HttpWebRequest来获取Https TLS1.2 - Using HttpClient & HttpWebRequest for Https TLS1.2 C#通过tls1.2交换Web服务 - c# exchange web services over tls1.2 .NET v4.7 不存在 TLS1.2 - TLS1.2 does not exist with .NET v4.7 使用SSIS从TLS1.2站点下载文件 - File downloads from a TLS1.2 site using SSIS 尝试在带有.net 4.0的XP sp3上运行TLS1.2 - Trying to run TLS1.2 on XP sp3 with .net 4.0 Windows XP Embedded PosReady 2009支持TLS1.2 - Windows XP Embedded PosReady 2009 support for TLS1.2 C#OpenSSL在.Net Framework 4.0中实现TLS1.2 - C# OpenSSL to achieve TLS1.2 in .Net Framework 4.0 dotnetcore 3.1 的 HttpClient 的 TLS1.2 添加密码套件 - Adding Cipher suite to TLS1.2 of HttpClient of dotnetcore 3.1 是否可以在 .NET 4.0 框架上使用 TLS1.2 发送 HttpWebRequest - Is that possible to send HttpWebRequest using TLS1.2 on .NET 4.0 framework
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM