TLS 1. 2 客户端和服务器无法通信,因为它们没有通用算法
[英]TLS 1. 2 The client and server cannot communicate, because they do not possess a common algorithm
问题描述
I have an issue with TLS 1.2.
我有 TLS 1.2 的问题。 It works if I enable tls1.0 in client machine, but it is not recommended.如果我在客户端机器上启用 tls1.0,它会工作,但不推荐。
Exception is - The client and server cannot communicate, because they do not possess a common algorithmSystem.ComponentModel.Win32Exception (0x80004005): The client and server cannot communicate, because they do not possess a common algorithm.
Target Framework of my app is .NET 4.6.2.我的应用程序的目标框架是 .NET 4.6.2。
2 个解决方案
解决方案1
1 2020-09-15 19:53:50
There are two possible scenario, in my case I used 2nd point.有两种可能的情况,就我而言,我使用了第二点。
If you are facing this issue in production environment and you can easily deploy new code to the production then you can use of below solution.
如果您在生产环境中遇到此问题,并且可以轻松地将新代码部署到生产环境中,那么您可以使用以下解决方案。You can add below line of code before making api call,
您可以在进行 api 调用之前添加以下代码行,ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; // .NET 4.5If you cannot deploy new code and you want to resolve with the same code which is present in the production, then this issue can be done by changing some configuration setting in config file.
如果您无法部署新代码,并且希望使用生产中存在的相同代码来解决,则可以通过更改配置文件中的某些配置设置来解决此问题。 You can add either of one in your config file.您可以在配置文件中添加任何一个。
<runtime>
<AppContextSwitchOverrides value="Switch.System.Net.DontEnableSchUseStrongCrypto=false"/>
</runtime>
or或者
<runtime>
<AppContextSwitchOverrides value="Switch.System.Net.DontEnableSystemDefaultTlsVersions=false"
</runtime>
解决方案2
0 2021-03-17 13:52:17
These are my troubleshooting steps to fix the problem.这些是我解决问题的故障排除步骤。
- Install IISCrypto.exe, and turn off TSL 1.0/1.1 on my local server and client, only leave TSL 1.2 enabled.安装 IISCrypto.exe,并在我的本地服务器和客户端上关闭 TSL 1.0/1.1,只启用 TSL 1.2。
- In my .NET app web.conf在我的 .NET 应用程序 web.conf 中
<system.web>
<compilation debug="true" targetFramework="4.8" />
<httpRuntime targetFramework="4.8" />
- Tools > NuGet Package Manager > Manage NuGet Package for Solution.工具 > NuGet 包管理器 > 管理解决方案的 NuGet 包。
Check the installed version of MySql.Data and MySql.Web (was 6.9.9.0)检查已安装的 MySql.Data 和 MySql.Web 版本(为 6.9.9.0)
Install and update MySql.Data and MySql.Web to Version 8.0.23安装 MySql.Data 和 MySql.Web 并将其更新到版本 8.0.23
At this point, my local .NETweb server can talk to local MySql server.此时,我的本地 .NETweb 服务器可以与本地 MySql 服务器通信。 But after deployed to the production server (where only TLS 1.2 is enabled), a different error message shows up.但是在部署到生产服务器(仅启用了 TLS 1.2)之后,会出现不同的错误消息。
Fail to load MySql.Data assembly
WRN: Assembly binding logging is turned OFF.
Check the MySql.Web.dll & MySql.Data.dll under the production server ...\\myapp\\bin
检查生产服务器下的MySql.Web.dll & MySql.Data.dll ...\\myapp\\bin
Find that MySql.Data.dll is still in version 6.9.发现MySql.Data.dll还是6.9版本。Copy and paste MySql.Data.dll v.8.0.23 to the production server (from my local bin folder).
将 MySql.Data.dll v.8.0.23 复制并粘贴到生产服务器(从我的本地 bin 文件夹)。 And it fixes the problem on the production server.它修复了生产服务器上的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.