堆栈内存溢出
  简体   繁体   English

随机“无法为SSL / TLS建立安全通道”错误

[英]Random “could not establish secure channel for SSL/TLS” errors

 原文  2018-04-23 20:03:10       .net/ wcf/ ssl/ certificate/ channel

问题描述

I have a WCF application hosted in IIS that work as an intermediate for two other different SOAP web services A & B. 我在IIS中托管了一个WCF应用程序,该应用程序充当另外两个不同的SOAP Web服务A和B的中介。

Calling A service operations from my application is always OK. 从我的应用程序调用A服务操作总是可以的。 Calling B service operations from my application is problematic : 从我的应用程序调用B服务操作是有问题的:

  • Using simple http endpoint URL everything work as expected. 使用简单的http终结点URL,一切都会按预期进行。
  • Moving to https endpoint works well for 1-2 days but at some time I get "Could not establish secure channel for SSL/TLS" error. 移至https端点在1-2天内效果很好,但有时会出现“无法为SSL / TLS建立安全通道”错误。

I have noticed that recycling the pool in IIS fixes the problem until the next time. 我注意到,在IIS中回收池可以解决该问题,直到下次。

My application is hosted in two servers and served through a load balancer. 我的应用程序托管在两台服务器中,并通过负载均衡器提供服务。 When I face the above problem in server 1 it is not always the case with the 2nd server as well. 当我在服务器1中遇到上述问题时,第二台服务器也并非总是如此。

  • Certificates seems to be OK. 证书似乎还可以。 No errors. 没有错误。 After all if there was an error with certificates it would not work at all. 毕竟,如果证书有错误,则根本无法使用。
  • The same if there were different SSL/TLS protocols. 如果存在不同的SSL / TLS协议,则相同。 My services serves only Tls 1.2 and service B that I call supports Tls 1.0 我的服务仅服务于Tls 1.2,而我称之为服务B支持Tls 1.0
  • Is there any possibility a restart in the service A that I call would cause that problem? 我调用的服务A重新启动是否有可能导致该问题?

What could cause that random error? 什么会导致该随机错误? Any ideas? 有任何想法吗?

1 个解决方案

解决方案1
 0 已采纳  2019-09-22 09:49:09

Change SecurityProtocolType to ssl3 or Tls1 solve problem for me. 将SecurityProtocolType更改为ssl3或Tls1为我解决了问题。 

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls1;

Open Event Viewer on your server you recycle the pool in IIS and check for schannel errors... 在服务器上打开事件查看器,然后在IIS中回收池并检查schannel错误...

I think that this is what cause the problem... 我认为这是导致问题的原因...

https://social.technet.microsoft.com/Forums/windows/en-US/0d66e764-d7d2-4a98-8a0f-27241e31ef7c/schannel-36888-the-following-fatal-alert-was-generated-10-the-internal-error-state-is-10?forum=w7itprosecurity https://social.technet.microsoft.com/Forums/windows/zh-CN/0d66e764-d7d2-4a98-8a0f-27241e31ef7c/schannel-36888-the-following-fatal-alert-was-generation-10-the-内部错误状态为10?论坛= w7itprosecurity

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法为具有权限“*”的 SSL/TLS 建立安全通道 - Could not establish secure channel for SSL/TLS with authority '*' WCF错误“无法为SSL / TLS建立安全通道……” - WCF Error “Could not establish secure channel for SSL/TLS …” out of the blue 无法为SOAP调用建立SSL / TLS的安全通道 - Could not establish secure channel for SSL/TLS for SOAP call 无法为 SSL/TLS 安全通道建立信任关系 -- SOAP - Could not establish trust relationship for SSL/TLS secure channel -- SOAP 通信后无法使用授权建立SSL / TLS的安全通道 - Could not establish secure channel for SSL/TLS with authority after communication 具有有效证书的“无法为SSL / TLS安全通道建立信任关系” - “Could not establish trust relationship for the SSL/TLS secure channel” with valid certificate 客户端证书:无法为具有权限的SSL / TLS建立安全通道(再次!) - Client certificate: Could not establish secure channel for SSL/TLS with authority (Again!) WCF 客户端 - 无法为 SSL/TLS 建立安全通道 - WCF client - Could not establish secure channel for SSL/TLS 随机抛出“无法建立SSL / TLS安全通道的信任关系” - Randomly throwing “Could not establish trust relationship for the SSL/TLS secure channel” 无法为SSL / TLS建立安全通道:如何在Windows Server 2008上启用TLS - Could not establish secure channel for SSL/TLS: how to enable TLS on windows server 2008
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM