通过TLS 1.2协议调用REST请求时出现问题

Question

I am trying to inplement REST request via TLS 1.2 protocol and getting issue: 我试图通过TLS 1.2协议添加REST请求并出现问题：

The request was aborted: Could not create SSL/TLS secure channel 该请求已中止：无法创建SSL / TLS安全通道

1) Application is hosted on Windows 2016 server 1）应用程序托管在Windows 2016服务器上

2) Register has enabled server and client configuration enabled in HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2 folder 2）注册已启用HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControlSet \\ Control \\ SecurityProviders \\ SCHANNEL \\ Protocols \\ TLS 1.2文件夹中启用的服务器和客户端配置

3) Application forced to use TLS protocol 3）应用程序被迫使用TLS协议

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

4) Application is running on .Net 4.7 4）应用程序在.Net 4.7上运行

I would be appropritiate with any ideas 我会很适合任何想法

Thanks 谢谢

Answer 1

Make sure to check all these registry settings 确保检查所有这些注册表设置

Computer\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft.NETFramework\\v4.0.30319 计算机\\ HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft.NETFramework \\ v4.0.30319

Computer\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\Configuration\\SSL\\00010002 计算机\\ HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Policies \\ Microsoft \\ Cryptography \\ Configuration \\ SSL \\ 00010002

Computer\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS1.2\\Server 计算机\\ HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControlSet \\ Control \\ SecurityProviders \\ SCHANNEL \\ Protocols \\ TLS1.2 \\ Server

In general, The WCF framework automatically chooses the highest protocol available up to TLS 1.2 unless you explicitly configure a protocol version. 通常，除非明确配置协议版本，否则WCF框架会自动选择TLS 1.2之前可用的最高协议。 But calling REST API might have a different behavior although we have not noticed that. 但是，尽管我们没有注意到，但是调用REST API的行为可能有所不同。

This was not required in our case: 在我们的情况下，这不是必需的：

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

But this was: 但这是：

<system.web>
    <compilation targetFramework="4.6" />
    <httpRuntime targetFramework="4.6" />
    <customErrors mode="Off" />   </system.web>

As well as this one: 以及这一个：

<basicHttpBinding>
        <binding name="HTTPSEndpoint" messageEncoding="Text">
          <security mode="Transport">
            <transport clientCredentialType="None" proxyCredentialType="None" />
          </security>
        </binding>

Hope this helps. 希望这可以帮助。

References: 参考文献：

Enable TLS 1.2 for specific Ciphers 为特定密码启用TLS 1.2

.Net Framework 4.6.1 not defaulting to TLS 1.2 .Net Framework 4.6.1未默认为TLS 1.2

https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls https://blogs.msdn.microsoft.com/friis/2017/10/09/troubleshooting-tls-ssl-scenario-2/ https://textslashplain.com/2015/10/12/viewing-https-handshakes-in-fiddler/ https://docs.microsoft.com/zh-cn/dotnet/framework/network-programming/tls https://blogs.msdn.microsoft.com/friis/2017/10/09/troubleshooting-tls-ssl-scenario -2 / https://textslashplain.com/2015/10/12/viewing-https-handshakes-in-fiddler/

通过TLS 1.2协议调用REST请求时出现问题

问题描述

1 个解决方案

解决方案1
0 2019-09-11 13:12:40

通过TLS 1.2协议调用REST请求时出现问题

问题描述

1 个解决方案

解决方案1 0 2019-09-11 13:12:40

解决方案1
0 2019-09-11 13:12:40