当前位置：文江博客话题详情

该请求被中止：连接到旧的Web服务时无法创建SSL/TLS安全频道

发布于 2025-01-28 06:58:48 字数 1883 浏览 2 评论 0原文

我需要连接到旧的Web服务。这是一项政府服务，所以我无法做任何服务器方面。

首先，当我尝试通过浏览器连接到WSDL时，Chrome说：

本网站无法提供安全的连接。 “站点”使用和不支持的协议。

err_ssl_version_or_cipher_mismatch

进行了检查服务器，“ nor =” nofollow noreferrer“它确认服务器仅支持TLS1.0和SSL3。使用SHA1WITHRSA 1024位。实际上，在故障排除期间，我做了很多时间，但我认为最好在一开始就这么说。

此外，该服务器证书于2014年到期，并具有链接到私人地址的通用名称。

当我连接到Visual Studio 2019中的服务时，我会得到：

但是只有一次。我尝试了几次，并且总是得到：

现在，我在Stackoverflow和其他地方都搜索了许多建议的解决方案，因此这是我到目前为止的代码：

//ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls; // TLS 1.0
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => { return true; };

var binding = new ServiceModel.BasicHttpBinding(System.ServiceModel.BasicHttpSecurityMode.Transport);
var endpoint = new ServiceModel.EndpointAddress(url);

var client = new wsClient(binding, endpoint); // This is where code breaks

当使用SSL3协议时我有以下错误：

收到对'...'的HTTP响应时发生的错误。这可能是由于服务端点绑定不使用HTTP 协议。这也可能是由于HTTP请求上下文是由服务器中止（可能是由于服务关闭）。看服务器日志以获取更多详细信息。

而且，当使用TLS协议时，我会得到：

例外：无法与SSL/TLS建立安全的通道权威'...'innerexection：请求中止：无法创建SSL/TLS安全通道。

另外，使用TLS11，TLS12或TLS13时，我的错误与仅使用TLS时的错误相同。

ServerCertificateValidationCallback永远不会被调用，我认为连接永远不会达到这一点。

我还尝试使用SOAPUI连接到服务。它的响应是（将其配置为甚至尝试TLS1.0之后）：

收到致命警报：hernshake_failure

所以我真的被卡住了，我已经用尽了网络上发现的所有东西。我很感谢您的建议或建议。

原文

I need to connect to an old web service. It's a government service so I cannot do anything server side.

Firstly, when I try to connect to WSDL through browser, Chrome says:

This site can't provide a secure connection. 'Site' uses and unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Then, I inspected the server using SSL Labs Server test. It confirmed that server only supports TLS1.0 and SSL3. SHA1withRSA 1024 bit is used. Actually, I did this much later during my troubleshooting but I think it's best to say it at the beginning.

Also, the server certificate expired in 2014, and it has a Common Name linked to a private address.

When I connect to the service in the Visual Studio 2019 I get:

After that, Visual Studio somehow had connected to the service and generated client classes.

But only once. I tried several more times, and I always get:

Now, I have searched throughout StackOverflow and elsewhere, and I applied many of the proposed solution, so this is my code so far:

//ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls; // TLS 1.0
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => { return true; };

var binding = new ServiceModel.BasicHttpBinding(System.ServiceModel.BasicHttpSecurityMode.Transport);
var endpoint = new ServiceModel.EndpointAddress(url);

var client = new wsClient(binding, endpoint); // This is where code breaks

When using Ssl3 protocol I am getting following error:

An error occurred while receiving the HTTP response to '...'. This
could be due to the service endpoint binding not using the HTTP
protocol. This could also be due to an HTTP request context being
aborted by the server (possibly due to the service shutting down). See
server logs for more details.

And, when using Tls protocol I am getting:

Exception: Could not establish secure channel for SSL/TLS with
authority '...' InnerExeption: The request was aborted: Could not
create SSL/TLS secure channel.

Also, when using Tls11, Tls12 or Tls13 I am getting the same error as when using only Tls.

The ServerCertificateValidationCallback never gets called, I assume the connection never reaches that point.

I have also tried connecting to the service using SoapUI. And it response was (after configuring it to even try TLS1.0):