客户端和服务器无法通信，因为它们无法处理常见的算法 [英] The client and server can not communicate, because they can not process a common algorithem

问题描述

获取响应服务时收到此错误。我在下面使用此代码

 private void GetAvailability（string propName，string propNum）
 {
 try 
 {
 GetPropertyCodeSeapines db = new GetPropertyCodeSeapines（）; 
 string soap = @<？xml version =1.0encoding =utf-8？> 
< soap12：Envelope xmlns：xsi =http：/ /www.w3.org/2001/XMLSchema-instancexmlns：xsd =http://www.w3.org/2001/XMLSchemaxmlns：soap12 =http://www.w3.org / 2003/05 / soap-envelope> 
< soap12：Header> 
< soapheader xmlns =http://www.800beachme.com/> 
<用户名> *********************< /用户名> 
<密码> *********** **********< /密码> 
< / soapheader> 
< / soap12：Header> 
< soap12：Body> 
< ; SPR_HHVR_AvailabilityByPropertyID xmlns =http://www.800beachme.com/> 
< HHVR_SPR_AVAILABLEDATA_RQ PropertyCode =+ propNum + @PropertyName =+ propName + @ /> 
< / SPR_HHVR_Availabili tyByPropertyID> 
< / soap12：Body> 
< / soap12：Envelope>; 
 
 
 HttpWebRequest req =（HttpWebRequest）WebRequest.Create（*****）; 
 req。 ContentType =application / soap + xml;; 
 req.Method =POST; 
 req.Accept =* / *; 
 req.UserAgent = @Fiddler; 
 req.KeepAlive = true; 
 req.ProtocolVersion = HttpVersion.Version10; 
 req.ServicePoint.ConnectionLimit = 24; 
 req.Headers.Add（UserAgent，Pentia ; MSI）; 
 ServicePointManager.Expect100Continue = true; 
 System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; 
 
 // ServicePointManager .SecurityProtocol = SecurityProtocolType.Tls12; 
 ServicePointManager.SecurityProtocol =（SecurityProtoc olType）3072; 
 ServicePointManager.DefaultConnectionLimit = 9999; 
 
 // WebResponse response = req.GetResponse（）; 
 //流responseStream = response.GetResponseStream（）; 
 
使用（Stream stm = req.GetRequestStream（））
 {
使用（StreamWriter stmw = new StreamWriter（stm））
 {
 stmw。写（肥皂）; 
} 
} 
 
 WebResponse response = req.GetResponse（）; 

请帮帮我，我怎样才能摆脱这个问题。感谢您的帮助！



我的尝试：



我尝试使用TLS 1.0,1.1和1.2但是我总是得到这个响应。

解决方案

我在整个夏天都在努力实现PCI合规性以及行业加强安全性。

我的代码没有解决方案，但会指出你在正确的方向。



从我的据悉，你必须满足一定的要求。

你的电脑：

1.必须能够处理TLS 1.2并拥有足够的密码来支持它。

TLS-SSL设置 [ ^ ]



2.您的.Net版本必须支持TLS 1.2

TLS 1.2和.NET支持：如何避免连接错误Microsoft [ ^ ]



就代码而言，并非每项服务都支持TLS 1.2，因此您必须能够降档到较低版本，处理错误的ssl证书

 //覆盖任何SSL证书错误并设置加密级别
 ServicePointManager.ServerCertificateValidationCallback = certificate_Callback.CertificateValidationCallBack; 
 ServicePointManager.Expect100Continue = true; 
 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; 

编辑高级密码的PC或服务器注册表的快速方法是使用像IIS Crypto这样的工具，但需要时间来学习。

Nartac Software - IIS Crypto [ ^ ]



然后研究一下现在可以使用哪些密码，你需要一些较旧的密码连接到交换服务器，远程服务器工具，直到你升级它们。

TLS / SSL密码强化建议 - Acunetix [ ^ ]



学习PCI，关于SSL和TLS

PCI 3.1 ：停止你立刻唱出SSL和过时的TLS [ ^ ]



在附注中，

你真的应该获取WSDL文件并创建对代码的服务引用，然后使用soap客户端传输和接收soap响应。

但是你至少应该能够在传输之前处理TLS握手串

I am getting this error when getting response service. I am using this code below

private void GetAvailability(string propName, string propNum)
        {
            try
            {
                GetPropertyCodeSeapines db = new GetPropertyCodeSeapines();
                string soap = @"<?xml version=""1.0"" encoding=""utf-8""?>
                <soap12:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:soap12=""http://www.w3.org/2003/05/soap-envelope"">
                  <soap12:Header>
                    <soapheader xmlns=""http://www.800beachme.com/"">
                      <UserName>*********************</UserName>
                      <Password>*********************</Password>
                    </soapheader>
                  </soap12:Header>
                  <soap12:Body>
                    <SPR_HHVR_AvailabilityByPropertyID xmlns=""http://www.800beachme.com/"">
                      <HHVR_SPR_AVAILABLEDATA_RQ PropertyCode=""" + propNum + @""" PropertyName=""" + propName + @""" />
                    </SPR_HHVR_AvailabilityByPropertyID>
                  </soap12:Body>
                </soap12:Envelope>";

                
                HttpWebRequest req = (HttpWebRequest)WebRequest.Create("*****");
                req.ContentType = "application/soap+xml;";
                req.Method = "POST";
                req.Accept = "*/*";
                req.UserAgent = @"Fiddler";
                req.KeepAlive = true;
                req.ProtocolVersion = HttpVersion.Version10;
                req.ServicePoint.ConnectionLimit = 24;
                req.Headers.Add("UserAgent", "Pentia; MSI");
                ServicePointManager.Expect100Continue = true;
                System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
              
                //ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
                ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
                ServicePointManager.DefaultConnectionLimit = 9999;
                
                //WebResponse response = req.GetResponse();
                //Stream responseStream = response.GetResponseStream();

                using (Stream stm = req.GetRequestStream())
                {
                    using (StreamWriter stmw = new StreamWriter(stm))
                    {
                        stmw.Write(soap);
                    }
                }

                WebResponse response = req.GetResponse();

Please help me, How can i get rid off from this issue. your help will be appreciated!

What I have tried:

I tried with TLS 1.0, 1.1 and 1.2 but always I am getting this response.

解决方案

I was working with this over the summer for PCI Compliance and the shift in the industry to tighten up security.
I have no solution in code, but will point you in the right direction here.

From what I learned, you have to meet certain requirements.
Your PC:
1. Has to be able to process TLS 1.2 and have a cipher strong/weak enough to support it.
TLS-SSL Settings[^]

2. Your version of .Net has to support TLS 1.2
TLS 1.2 and .NET Support: How to Avoid Connection Errors | Microsoft[^]

As far as the code goes, not every service will support TLS 1.2 so you have to be able to downshift to lower versions, and handle a bad ssl certificate

//Override any SSL Certificate Errors and set the encryption levels
ServicePointManager.ServerCertificateValidationCallback = certificate_Callback.CertificateValidationCallBack;                
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

A Quick way to edit your pc or server registry for advanced ciphers is to use a tool like this IIS Crypto, but it takes time to learn.
Nartac Software - IIS Crypto[^]

And then study up on what ciphers are OK to use now days, you'll need some older ciphers to connect to exchange server, remote server tools until you upgrade those.
Recommendations for TLS/SSL Cipher Hardening - Acunetix[^]

And learn PCI, in relation to SSL and TLS
PCI 3.1: Stop Using SSL and Outdated TLS Immediately[^]

On a side note,
You really should get the WSDL file and create a service reference to code to, then use the soap client to transmit and receive the soap response.
But you should at least be able to process a TLS Handshake before transmitting your string

这篇关于客户端和服务器无法通信，因为它们无法处理常见的算法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！