ADBLOCKを無効にする

ADBlockがサイトの一部のコンテンツをブロックしています

ADBlock errore

The request was aborted: Could not create SSL/TLS secure channel

StackOverflow https://stackoverflow.com/questions/2859790

質問

We are unable to connect to an HTTPS server using WebRequest because of this error message:

The request was aborted: Could not create SSL/TLS secure channel.

We know that the server doesn't have a valid HTTPS certificate with the path used, but to bypass this issue, we use the following code that we've taken from another StackOverflow post:

private void Somewhere() {
    ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(AlwaysGoodCertificate);
}

private static bool AlwaysGoodCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors policyErrors) {
   return true;
}

The problem is that server never validates the certificate and fails with the above error. Does anyone have any idea of what should I do?


I should mention that a colleague and I performed tests a few weeks ago and it was working fine with something similar to what I wrote above. The only "major difference" we've found is that I'm using Windows 7 and he was using Windows XP. Does that change something?

溶液

?????????????(?????????????????????????????)?

??????Windows XP????????Windows 7???????????????????????:

// using System.Net;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
// Use SecurityProtocolType.Ssl3 if needed for compatibility reasons

?????????????????

???

???????????????????12??????SSL3?????????????????????????????3?2018?????????????????????????????TLS?????????????????????????????????

その他のヒント

.NET 4.5???????????

?????
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

??.NET 4.5?????????????

ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

??ServicePointManager???HttpWebRequest?????????????????????

?????????????

????:

        ServicePointManager.Expect100Continue = true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
               | SecurityProtocolType.Tls11
               | SecurityProtocolType.Tls12
               | SecurityProtocolType.Ssl3;

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://google.com/api/")

?????:

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://google.com/api/")

        ServicePointManager.Expect100Continue = true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
               | SecurityProtocolType.Tls11
               | SecurityProtocolType.Tls12
               | SecurityProtocolType.Ssl3;

?????????????ASPNET??????????????????????????????????winhttpcertcfg.exe?????????????????????

????????????????????????: http://support.microsoft.com/kb/901183??

????????2??

EDIT:IIS???????????????????????????????????? - ????????????????????????????????????????????????????????: https://serverfault.com/questions/131046/how-to-grant-iis-7-5-access-to-a-certificate-in-certificate-store/132791#132791 ?

?????????????SSL / TLS?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

????????SChannel???????????????????????????? SChannel???SSL?TLS???SSPI??????????????????????????????????? TLS / SSL???????

??? Schannel?????????????????????????

???????????????????? https://ct.mob0.com/Styles/Fun.png????CDN??SPDY??????????SSL?????????????????????

??CloudFlare???????????????? ?????????????SSL3????????????Tls12???????????????????????????:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
new WebClient().DownloadData("https://ct.mob0.com/Styles/Fun.png");

???ASP.NET????????????????????????????????????????????????????????????????????????Web??????????????????IIS????????????????????????LocalSystem??NetworkService??????????????????????????????????

?????????????????NetworkService??????????????????????????????????????????

?????????????????????????????????????????????????????

ServicePointManager.Expect100Continue = true;
        ServicePointManager.DefaultConnectionLimit = 9999;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;

????????????????????????????????????????????????????????????????????????????????????????????????????????????????

?????????]?????

???????????:SSL / TLS???????????????????????????????????HTTP???????HTTP 401???????????????????????????????

? ?????????????????????????????????????·????System.Net?????????????????????

??????????????????

:????????????????

?????????????????????????????????????

System.Net Information: 0 : [9840] Connection#62912200 - Received status line: Version=1.1, StatusCode=401, StatusDescription=Unauthorized.
?????????????????SSL???????????/ TLS????????????????????????401??????????????????????????????????????????????????????????????

?????????????????????????????????????????????????

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

??????????????????????????????????????.NET??????????????????????Web??????(????)???????AppDomain????????? (????Web???????????ASP.NET???????????????????????????Web?????????????Web????????????????????????)?

??????????????????????????Web??????????????????

???????????????????????????????????????????????????????????

  • ???????AppDomain??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
  • ????????????????????????????.NET???????????????????????????????????????????????????????????????? (???????????????)TLS12????????????????????5?????????????????????????????
  • ?????????????????????
  • ??????????????????????AppDomain??????????????????????????????????????????????????????????????????????????????????????????????????????????????: https://stackoverflow.com/a/26754917/7656 ???????????????????????????? (??????????????????????????)

??1??MVC?Web??????????????????

    public string DownloadSite(string RefinedLink)
    {
        try
        {
            Uri address = new Uri(RefinedLink);

            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

            System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

            using (WebClient webClient = new WebClient())
            {
                var stream = webClient.OpenRead(address);
                using (StreamReader sr = new StreamReader(stream))
                {
                    var page = sr.ReadToEnd();

                    return page;
                }
            }

        }
        catch (Exception e)
        {
            log.Error("DownloadSite - error Lin = " + RefinedLink, e);
            return null;
        }
    }

????????????????????????????????????????????????????????????...?

????WebRequest.Timeout?0??????????

??????????????????????????????...?

(??????????????????????0?????0??????????????????????)
WebRequest webRequest = WebRequest.Create(@"https://myservice/path");
webRequest.ContentType = "text/html";
webRequest.Method = "POST";
string body = "...";
byte[] bytes = Encoding.ASCII.GetBytes(body);
webRequest.ContentLength = bytes.Length;
var os = webRequest.GetRequestStream();
os.Write(bytes, 0, bytes.Length);
os.Close();
webRequest.Timeout = 0; //setting the timeout to 0 causes the request to fail
WebResponse webResponse = webRequest.GetResponse(); //Exception thrown here ...

The request was aborted: Could not create SSL/TLS secure channel????????????????????????????????????????????????????????PC??????cipher_suites???????????????????????????????????SSL???????/?????????Hello?????????????????????cipher_suites?????????????????????????????????????????????????????????SSL????????????????? ?????"??????????????

??????????????

?? Microsoft?????Analyzer?????????????????????(????C#?????)??????HTTPS???????????????????????SSL????????????????????????????

???????????????(???Windows XP??????????HTTPS???????????? - ?????OS??????????????????Microsoft????????HTTPS URL????????)???????Firefox???SSL??????????????????????????????????????????????????????????

???????????????????????????SSL???????????????????????????????2????????Hello??????????????????????????????????????????????Windows???????????????????
IISCrypto ????IIS?????????????????????PC?(?????????????????? )?

???2??Windows??????????????PC?????cipher_suites???????:

  • HKLM \ SOFTWARE \????\???????\???\??\ SSL \ 00010002???
  • HKLM \ SYSTEM \ CURRENTCONTROLSET \??????\???\??\????\ SSL \ 00010002???

?????Could not create SSL/TLS secure channel????????????????????????????????????: http://blog.jonschneider.com/2016/08/fix-ssl-handshaking-error-in-windows.html ?

???????????????????

??.NET 4.5?????????????????

?????????????????

??????4.0???????????????????????????????????????irreversable???(????4.5??????????????????)?

???????????????????????????:SSL / TLS??????????????????????????????

?????????????

???????Windows????????????????????????????TLS???SSL?????????????????????????

???????????????

  

[?????????] - > [??????????????] - > [????????????] - > [????

?????????????????????????????
  • SSL 2.0?????
  • SSL 3.0?????
  • TLS 1.0?????
  • ?????TLS 1.1???
  • ?????TLS 1.2???

 ??????????? ?

??web.config????????????????????????:

<httpRuntime targetFramework="4.5.2" />

?????:

<httpRuntime targetFramework="4.6.1" />

??????????????????????????????????????????????????????????????????????????????????

  1. MMC???
  2. ?????
  3. ?????
  4. ??????
  5. CERT???
  6. ???
  7. ??????????
  8. ??????????
  9. ????????
  10. ??

?????Visual Studio???????????????????????????Visual Studio??????????????????????????

????????????

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

?????????????????????????????????????????????????TLS 1.2????????SSL / TLS??????????????????????????????????????????????????????????????????????????????????????????????????????:TLS / SSL?????????????????????????????????????????????????????????????????????????SSL?????????????????????????????????????-????????????????????????Windows?????????????????????????????????????&??????????????(???????????????????)?????????????????????????????????????????????????40??????????????????????.NET???????SSL / TLS??????????????????????????????

???????????????????????????????????????Windows????????????????????????????????????????????????????????????????????????MSIE???????????????????? (System.Net????????????????????????????????)??????????????????????????????????????????????????????(????????????????????????)?????????????????????????????????????????????????????????????? (???????????????????????????VM????????????????????????????VM????)

???????????????????????????????????????????????????????????ECDHE_ECDSA??????????????????????(???????)????????????????????????(???????)??????????:????.NET???????(???MSIE??????????????????????????????????????)??Python???????SSL???????????????????

?

????????????Web???????IIS????????????????????????????????????IIS???????????????????????????????????????

ASP.NET??????????????????????????????

??????Windows??????Web??????????????????????????????????????????????Windows???????????

  

????ID 36888(Schannel?)??????:

The following fatal alert was generated: 40. The internal error state is 808.

?????Windows??????????????????????:KB3172605???KB3177186

VMware?????????????????Windows?????????????????????????????????????????????

  

[HKEY_LOCAL_MACHINE \ SYSTEM \ CURRENTCONTROLSET \??????\ SecurityProviders \ SCHANNEL \ KeyExchangeAlgorithms \?????·????

"ClientMinKeyBitLength" = DWORD?:00000200

????????????????HTTPS?????????????????????

???????Windows???????:

wmic qfe list

???????????:

https://communities.vmware.com/message/2604912#2604912??

????????????

?????????????????

?????????????

???????X509Certifiacte2??????????:

   var certificate = new X509Certificate2(bytes, pass);

???????????????

   var certificate = new X509Certificate2(bytes, pass, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

?????X509KeyStorageFlags.Exportable? !! ?

?????(WebRequest??)?????????????????

// I'm not even sure the first two lines are necessary:
ServicePointManager.Expect100Continue = true; 
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

request = (HttpWebRequest)WebRequest.Create(string.Format("https://{0}.sii.cl/cvc_cgi/dte/of_solicita_folios", server));
request.Method = "GET";
request.Referer = string.Format("https://hercules.sii.cl/cgi_AUT2000/autInicio.cgi?referencia=https://{0}.sii.cl/cvc_cgi/dte/of_solicita_folios", servidor);
request.UserAgent = "Mozilla/4.0";
request.ClientCertificates.Add(certificate);
request.CookieContainer = new CookieContainer();

using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
    // etc...
}

???????????2????????????????...

????????????????????????

?????????????????????????????????????????????????????????????????????????????????????Microsoft???????

https://support.microsoft.com/en-us/help/4458166/applications-that-rely-on-tls-1-2-strong-encryption-experience-connect??

:?????????SSL / TLS???????????????????????????????????????????????

??????MS???????????????????????OS???????TLS 1.2??????

3??????????

HTTP:

1)??????OS????/ /www.catalog.update.microsoft.com/Search.aspx?q=kb4458166??

2)????app.config?/ web.config??????????????

3)?????????????????????????

????????????????????????????????

?????????????????????????????????????????(?????????????SSL?????????????)?????????????????????

?????????????????????????????????????????????????????????????????????????SSL 3.0????????????????????Google???????????????????????Web?????????????????????????????????????????????TLS 1.2???????????????????

???http://googleonlinesecurity.blogspot? COM / 10??2014 /??-????-??-??-SSL-30.html??

???????????????????????????????????????RC4????????????????????????????????????????????????????RC4?????????

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow