堆栈内存溢出
  简体   繁体   English

请求被中止:无法创建 SSL/TLS 安全通道 - 客户端问题

[英]The request was aborted: Could not create SSL/TLS secure channel - client issues

 原文  2020-04-30 13:09:34       .net/ ssl-certificate/ tls1.2

问题描述

I'm having issues with SSL handshake in one of our projects.我在我们的一个项目中遇到了 SSL 握手问题。 There is a 2 say SSL certificate required.需要 2 个说 SSL 证书。

Security protocol is set to TLS12 (and tested with others as well TLS1,SSL3) and also certifcate callback is properly done.安全协议设置为 TLS12(并与其他协议以及 TLS1、SSL3 一起测试),并且证书回调已正确完成。 The problem is that the code works on workstations but not on any servers (win 2008 or 2012).问题是代码可以在工作站上运行,但不能在任何服务器上运行(win 2008 或 2012)。

The error we are receiving is: The request was aborted: Could not create SSL/TLS secure channel.我们收到的错误是: The request was aborted: Could not create SSL/TLS secure channel. We actually don't get any server certificate callback on any of the servers.我们实际上没有在任何服务器上获得任何服务器证书回调。

Here is the codesnippet when we load cert.这是我们加载证书时的代码片段。 We are using .NET framework:我们正在使用 .NET 框架:

cert = new X509Certificate2("certpath", "pass", X509KeyStorageFlags.DefaultKeySet) client.ClientCertificates.Add(cert);

From what it seems the certificate chain is OK, because we can access to the WSDL with browser.看起来证书链没问题,因为我们可以用浏览器访问 WSDL。

To SUM up: We can access to endpoint with workstation but not with the server.总结:我们可以通过工作站访问端点,但不能通过服务器访问。 However the endpoint as accessible from browser (after certificate selection)但是可以从浏览器访问端点(在选择证书之后)

1 个解决方案

解决方案1
 0  2020-05-07 19:45:27

Lex Li pointed me to the right direction. Lex Li 为我指明了正确的方向。 When using wireshark I have noticed the Client Hello (my client was runnning on server 2008 R2 and 2012 R2) reached the destination server but it has returned handshake fail.使用wireshark时,我注意到客户端Hello(我的客户端在服务器2008 R2和2012 R2上运行)到达目标服务器,但它返回握手失败。

After detailed inspection I have noticed the Cipher Suites from my client app on server 2008 R2 (or server 2012 R2) did not match the Cipher Suite on destination server.经过详细检查后,我注意到服务器 2008 R2(或服务器 2012 R2)上的客户端应用程序中的密码套件与目标服务器上的密码套件不匹配。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 请求已中止:无法创建SSL / TLS安全通道沙箱帐户 - The request was aborted: Could not create SSL/TLS secure channel sandbox account 该请求已中止:无法为HttpWebRequest创建SSL / TLS安全通道 - The request was aborted: Could not create SSL/TLS secure channel for HttpWebRequest SChannel 错误:请求被中止:无法创建 SSL/TLS 安全通道 - SChannel error: The request was aborted: Could not create SSL/TLS secure channel 请求已中止:无法创建SSL / TLS安全通道 - SecurityProtocol行为 - The request was aborted: Could not create SSL/TLS secure channel - SecurityProtocol behavior 请求被中止无法创建 SSL/TLS 安全通道 - HttpWebRequest - The request was aborted could not create SSL/TLS secure channel - HttpWebRequest 该请求已中止:无法创建SSL / TLS安全通道 - The request was aborted: Could not create SSL/TLS secure channel 该请求已中止:无法创建SSL / TLS安全通道 - The request was aborted: Could not create SSL/TLS secure channel 将TLS证书添加到API请求中,但出现以下异常:请求已中止:无法创建SSL / TLS安全通道 - Adding TLS certificate to the API request with exception: The request was aborted: Could not create SSL/TLS secure channel 带有 TLS/SNI 的 Azure 上的 .net httpclient:请求被中止:无法创建 SSL/TLS 安全通道 - .net httpclient on Azure w/ TLS/SNI: The request was aborted: Could not create SSL/TLS secure channel X509 / SSL证书:请求已中止:无法创建SSL / TLS安全通道 - X509/SSL Certificate : The request was aborted: Could not create SSL/TLS secure channel
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM