獲取“無法創建SSL / TLS安全通道”
[英]Getting “Could not create SSL/TLS secure channel”
問題描述
我有一些網站有時無法連接到第三方SOAP WS。 當對第三方WS的請求很多時,這種情況最容易發生。 因此,它不會每次都失敗,只有幾次-並且主要是在有很多對第三方ws的請求時。
它已通過IIS Crypto在我們的本地服務器上修復。 之前選中了所有禁用復選框。
但是在Azure WebApp上,我們無法控制這些設置-任何想法該怎么做?
這是綁定代碼,還有更多與第三方肥皂水綁定的代碼:
public static CustomBinding GetDefaultBinding()
{
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
AsymmetricSecurityBindingElement securityElement = new AsymmetricSecurityBindingElement();
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12;
securityElement.InitiatorTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never);
securityElement.RecipientTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never);
securityElement.ProtectTokens = true;
securityElement.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
securityElement.RequireSignatureConfirmation = true;
securityElement.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
securityElement.EnableUnsecuredResponse = true;
securityElement.IncludeTimestamp = true;
securityElement.SetKeyDerivation(false);
securityElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic128Rsa15;
securityElement.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UserNameSecurityTokenParameters());
securityElement.AllowSerializedSigningTokenOnReply = true;
CustomBinding myBinding = new CustomBinding();
myBinding.Elements.Add(securityElement);
TextMessageEncodingBindingElement element = new TextMessageEncodingBindingElement(MessageVersion.Soap11WSAddressing10, Encoding.UTF8);
element.ReaderQuotas.MaxStringContentLength = int.MaxValue;
element.ReaderQuotas.MaxDepth = int.MaxValue;
element.ReaderQuotas.MaxArrayLength = int.MaxValue;
element.ReaderQuotas.MaxBytesPerRead = int.MaxValue;
element.ReaderQuotas.MaxNameTableCharCount = int.MaxValue;
myBinding.Elements.Add(element);
HttpsTransportBindingElement httpsBindingElement = new HttpsTransportBindingElement();
httpsBindingElement.RequireClientCertificate = true;
httpsBindingElement.MaxBufferPoolSize = int.MaxValue;
httpsBindingElement.MaxBufferSize = int.MaxValue;
httpsBindingElement.MaxReceivedMessageSize = int.MaxValue;
httpsBindingElement.KeepAliveEnabled = false;
httpsBindingElement.AllowCookies = false;
myBinding.Elements.Add(httpsBindingElement);
myBinding.CloseTimeout = new TimeSpan(0, 10, 0);
myBinding.ReceiveTimeout = new TimeSpan(0, 10, 0);
myBinding.SendTimeout = new TimeSpan(0, 10, 0);
return myBinding;
}
private void ConfigureClientCredentials(ClientCredentials cc)
{
if (cc == null) return;
cc.UserName.UserName = Options.WebserviceUsername;
cc.UserName.Password = Options.AuthPassword;
cc.ClientCertificate.Certificate = Options.ClientCertificate;
cc.ServiceCertificate.DefaultCertificate = Options.IbaCertificate;
cc.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
}
private void ConfigureEndPoint(ServiceEndpoint endpoint)
{
endpoint.Contract.ProtectionLevel = ProtectionLevel.EncryptAndSign;
endpoint.EndpointBehaviors.Add(new CustomEndpointBehavior());
}
1 個解決方案
解決方案1
2 已采納 2017-12-11 07:00:23
第三方SOAP WS在一台服務器上配置了錯誤的SSL /芯片(負載均衡器設置),這導致了問題-因此,這在我的代碼中不是問題。
無法創建 SSL/TLS 安全通道 - 問題可能出在代理服務器上嗎?
[英]Could not create SSL/TLS secure channel - Could the problem be a proxy server?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
出現錯誤:無法創建SSL / TLS安全通道
無法為Facebook創建SSL / TLS安全通道
BufferNotEnough無法創建SSL / TLS安全通道
無法創建SSL / TLS安全通道-HttpWebRequest
.Net無法創建SSL / TLS安全通道
VisualStudio:無法創建SSL / TLS安全通道
RestSharp:無法創建SSL / TLS安全通道
HTTPWebRequest無法創建SSL / TLS安全通道
SSL Webservice:無法創建SSL / TLS安全通道
無法創建 SSL/TLS 安全通道 - 問題可能出在代理服務器上嗎?
相關標簽