ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3和Cipher Suite（C＃）

本文介绍了ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3和Cipher Suite（C＃）的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

您好，

我应该将每个HttpWebRequest的服务器连接到一个TLS密码套件（可能是ECDHE-RSA-AES256-GCM-SHA384）

I should to connect a Server per HttpWebRequest with one of TLS Cipher Suites (possible ECDHE-RSA-AES256-GCM-SHA384)

如果我在Windows Server 2016 Standard下使用MS Framework 4.6.1以下命令（C＃）：

If I use under Windows Server 2016 Standard with MS Framework 4.6.1 following command (C#):

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

是已包含的密码套件之一？

is one of Cipher Suites already included?

如果不是，我该怎么办？如何扩展下面的代码以达到这个目标？

If no, what should I do? How can I expand the code below to achive this goal?

谢谢

     private static String sendRequest(Uri url, NameValueCollection nvc)
        {
            CookieContainer cookieJar = new CookieContainer();
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
                   | SecurityProtocolType.Tls11
                   | SecurityProtocolType.Tls12
                   | SecurityProtocolType.Ssl3;

            ServicePointManager.Expect100Continue = true;

            HttpWebRequest HttpWReq = (HttpWebRequest)WebRequest.Create(url.ToString());

            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

            HttpWReq.ProtocolVersion = HttpVersion.Version10;
            HttpWReq.Timeout = Timeout.Infinite;
            HttpWReq.ReadWriteTimeout = Timeout.Infinite;


            HttpWReq.CookieContainer = cookieJar;
            HttpWReq.Method = "POST";
            HttpWReq.Accept = "*/*";
            // req3.Headers.Add("Pragma", "no-cache");
            // req3.Headers.Add("Accept-Language", "en-gb");
            HttpWReq.AllowAutoRedirect = true;
            HttpWReq.KeepAlive = true;
            HttpWReq.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)";
            HttpWReq.ContentType = "application/x-www-form-urlencoded";
            HttpWReq.ProtocolVersion = HttpVersion.Version10;

            var sbPostData = new StringBuilder();

            sbPostData = CreateParameterString(nvc);
            var parameterString = (System.Text.Encoding.GetEncoding(iWinCodePage)).GetBytes(sbPostData.ToString());

            if (sbPostData.ToString().Length > 0)
            {
                HttpWReq.ContentLength = sbPostData.ToString().Length;
            }
            String responseString = "";

            if (sbPostData.ToString().Length > 0)
            {
                Stream requestStream = HttpWReq.GetRequestStream();
                requestStream.Write(parameterString, 0, parameterString.Length);
                requestStream.Close();
            }

            HttpWebResponse HttpWResp = (HttpWebResponse)HttpWReq.GetResponse();

            StringBuilder response = new StringBuilder();

            using (StreamReader sr = new StreamReader(HttpWResp.GetResponseStream(), System.Text.Encoding.GetEncoding(iWinCodePage), true))
            {
				response = sr.ReadToEnd();
            }

            responseString = response.ToString();

            return responseString;

        }

推荐答案

检查"隧道到"。请求（不启用SSL解密，因为Fiddler在执行此操作时可能会重新协商不同的密码）。在右侧面板的上半部分，"检查员"标签页， """""查看，看看你的
想要使用的密码是否包含在内（我的密码显示为[C028]）。

Check the "Tunnel to" request (do not enable SSL decryption because Fiddler may renegotiate a different cipher when doing so). On upper part of right panel, "Inspectors" tab page, "Raw" view, see if the Cipher you want to use is included (Mine shown that cipher as [C028]).

然后到右侧面板的下半部分，仍然是" ;原料"查看，看看你想要的密码是否被拿起。

Then to the lower part of right panel, still the "Raw" view, see if the cipher you want is picked up.

在我的情况下，MSDN网站选择退货：

In my case, the MSDN site choose returns:

版本：3.3（TLS / 1.2）

SessionID： 86 02 C9 D4 6F B1 D0 84 A2 86 DD 69 95 15 1E 30 80 ED 78 D4 6C C4 AF EC 9A 2C 19 97 A3 A5 2C 68
$
随机： 28 7E D5 64 2D 1B F4 CB 56 DF F5 1B AD F3 2B 15 61 04 10 76 95 77 1B 3D F9 25 7C 0D B7 06 EA BB

密码：   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [0xC028]

CompressionSuite： NO_COMPRESSION [0x00]

扩展：

   renegotiation_info 00

   server_name empty

   ec_point_formats uncompressed [0x0]，ansiX962_compressed_prime [0x1]，ansiX962_compressed_char2 [0x2]

   status_request（OCSP-stapling） empty

Version: 3.3 (TLS/1.2)
SessionID: 86 02 C9 D4 6F B1 D0 84 A2 86 DD 69 95 15 1E 30 80 ED 78 D4 6C C4 AF EC 9A 2C 19 97 A3 A5 2C 68
Random:  28 7E D5 64 2D 1B F4 CB 56 DF F5 1B AD F3 2B 15 61 04 10 76 95 77 1B 3D F9 25 7C 0D B7 06 EA BB
Cipher:  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [0xC028]
CompressionSuite: NO_COMPRESSION [0x00]
Extensions:
  renegotiation_info 00
  server_name empty
  ec_point_formats uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
  status_request (OCSP-stapling) empty

这篇关于ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3和Cipher Suite（C＃）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！