Azure ASE与SSL3上的旧版服务的出站连接 [英] Azure ASE Outbound connection to legacy service on SSL3

问题描述

你好团队

直到几天前，我都可以通过将ServicePointManager的SecurityProtocol设置为SSL3与旧式服务(托管在tomcat中)进行通信.但是，这弄乱了我与blob存储之类的云网络其余部分的通信. 然后，我意识到ServicePointManager的安全协议设置是AppDomain级别.因此，我使用该枚举上的标志来设置以下内容.

Up until couple of days back, I was in a position to communicate to my legacy service (hosted in tomcat) by setting the ServicePointManager's SecurityProtocol to SSL3. However this messed up my communication with the rest of the cloud network like blob store. I then realised that the ServicePointManager's security protocol setting is an AppDomain level letting. Hence I used the flags on that enumeration to set the following. 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.TLS11 | SecurityProtocolType.TLS12;

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.TLS11 | SecurityProtocolType.TLS12;

通过上述设置，我可以与我的旧版服务以及我的其余云设置进行通信.

With the above setting I was in a position to communcate with my legacy service and also with the rest of my cloud setup.

但是，几天后，我与旧版服务器的通信停止了，并出现以下错误.

However, couple of days back my communication with the legacy srevice stopped working with the following error..

未处理的异常:System.Exception:将消息发送到端点时发生的异常.消息ID 82Exception = System.ComponentModel.Win32Exception(0x80004005):客户端和服务器无法通信，因为它们不具有公用 算法
    at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule，字符串包，CredentialUse intent，SecureCredential scc)
    at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage，SecureCredential& secureCredential)
    at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte []& thumbPrint)
    at System.Net.Security.SecureChannel.GenerateToken(字节[]输入，Int32偏移量，Int32计数，字节[]&输出)
    at System.Net.Security.SecureChannel.NextMessage(字节[]传入，Int32偏移量，Int32计数)
    at System.Net.Security.SslState.StartSendBlob(字节[]传入，Int32计数，AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ForceAuthentication(布尔的receiveFirst，Byte []缓冲区，AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
    at System.Net.TlsStream.CallProcessAuthentication(对象状态)
    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executeContext，ContextCallback回调，对象状态，布尔值saveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executeContext，ContextCallback回调，对象状态，布尔值saveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executeContext，ContextCallback回调，对象状态)
    at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult结果)
    at System.Net.TlsStream.Write(Byte []缓冲区，Int32偏移量，Int32大小)
    at System.Net.PooledStream.Write(Byte [] buffer，Int32 offset，Int32 size)
    at System.Net.ConnectStream.WriteHeaders(Boolean async)基础连接已关闭:接收时发生意外错误.

Unhandled Exception : System.Exception: Exception Occured while sending the message to the endpoint. Message id 82Exception =System.ComponentModel.Win32Exception (0x80004005): The client and server cannot communicate, because they do not possess a common algorithm
   at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
   at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
   at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
   at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
   at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.TlsStream.CallProcessAuthentication(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.ConnectStream.WriteHeaders(Boolean async) The underlying connection was closed: An unexpected error occurred on a receive.

它为什么起作用以及为什么它停止起作用的任何原因?人们应该怎么做才能使其重新工作?暂时无法更改旧版服务.

Any reason why it was working and why it stopped working ? What should one do to get it working again? Changing the legacy service isn't an option at the moment.

KR

PG

推荐答案

System.Net.Http.HttpClient 并替换以下值:

I suggest you configure/modify System.Net.Http.HttpClient and replace the value as below:

这篇关于Azure ASE与SSL3上的旧版服务的出站连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！