在c#中使用此证书后不能正常链接


#1

hello.
after i use the cert on my domain https://dorm.skyqq.cc, I can’t connect the https domain in c# program. But if i connect it without ssl cert It will works well.
if you know chinese You can read the next.
你好,我在我的域名dorm.skyqq.cc使用你们的证书以后,在c#程序中不能正常链接(但是我用http能正常链接,而且访问https://baidu.com也是可以的…)


#2

Can you post the C# code and the error message?

https://dorm.skyqq.cc/ has a reasonable configuration, so most clients should work.

https://www.ssllabs.com/ssltest/analyze.html?d=dorm.skyqq.cc&hideResults=on


#3

Please Wait.I will post it.
Can you know chinese.
if you can i will use chinese


#4

您好,

请问是否有任何错误代码? 并且请您查看下您的Cabundle file 有没有信任DTS Root CA?

谢谢

P.S. 请您尽量使用英文回复… 因为我对于C不是特别了解…


#5
            HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(Url);
            request.Method = "POST";
            request.ContentType = "text/html;charset=UTF-8";
            System.Net.ServicePointManager.DefaultConnectionLimit = 200;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
              byte[] rsadata = Encoding.ASCII.GetBytes(String.Format("data={0}&encrypt={1}",data, common));

              request.ContentLength = rsadata.Length;
              request.GetRequestStream().Write(rsadata, 0, rsadata.Length);
              request.GetRequestStream().Flush();
              request.GetRequestStream().Close();
              HttpWebResponse response = (HttpWebResponse)request.GetResponse();
              StreamReader sr = new StreamReader(response.GetResponseStream());              
              string retString = sr.ReadToEnd();
              sr.Close();
              Console.Write(retString);
              return retString;

以上是代码,而且我想说的是,我在C#之外,例如在浏览器中也是能正常访问的,就是在c#中不可以而已…而且其他网站如百度,在c#中的https还是能访问的,但是我的https却是不行的…但是http就一切正常了…最后我换了一个DV的免费证书也是一样:sob::sob::sob::sob:


#6

您好,

该问题可能是因为您的网站不支持TLS1 (TLS1.1 及1.2可以正常使用),而百度和谷歌都可以使用TLS1连接
请问您是否可以尝试将ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; 放在代码第一行呢? (同时请删除SSL3 和纯TLS)

English Version:

The issue might occur due to the fact that your site does not have TLS1 enabled, (and the .net client does not use TLS1.1 & TLS1.2 by default)… baidu.com & google.com both supports TLS1… Also, could you please try to place the ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; to the beginning of the code? (Please also delete TLS & SSL3 from this line since your server does not support it)

如下代码:

  ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11;
  HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(Url);
  request.Method = "POST";
  request.ContentType = "text/html;charset=UTF-8";
  System.Net.ServicePointManager.DefaultConnectionLimit = 200;
  byte[] rsadata = Encoding.ASCII.GetBytes(String.Format("data={0}&encrypt={1}",data, common));

  request.ContentLength = rsadata.Length;
  request.GetRequestStream().Write(rsadata, 0, rsadata.Length);
  request.GetRequestStream().Flush();
  request.GetRequestStream().Close();
  HttpWebResponse response = (HttpWebResponse)request.GetResponse();
  StreamReader sr = new StreamReader(response.GetResponseStream());              
  string retString = sr.ReadToEnd();
  sr.Close();
  Console.Write(retString);
  return retString;

So in order to use TLS 1.2 or TLS 1.1 in .NET 4.5+, you will need to set SecurityProtocol as below before any WebRequest calls.

Referrence: http://csharp.tips/tip/article/802-using-tls-1-2-in-csharp

谢谢
Thank you

P.S. 请您尝试使用https://www.telerik.com/fiddler 进行调试…
You could also use the debug tool fiddler to debug this issue…


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.