来自C#的服务器名称指示 [英] Server Name Indication from C#

问题描述

据我所知，.NET中似乎存在很大的局限性，因为无法使用C#和.NET建立使用服务器名称指示(SNI)的TLS连接.我错过了什么吗?或者我的理解正确吗?

As far as I can tell, there seems to be a big limitation in .NET in that there is no way using C# and .NET to make an TLS connection that uses Server Name Indication (SNI). Have I missed something or is my understanding correct?

有人知道是否可以以及如何使用OpenSSL.NET，libcurl.NET或其他第三方.NET库建立SNI连接?一些示例代码将不胜感激.

Does anybody know if and how I could make an SNI connection using OpenSSL.NET, libcurl.NET or some other 3rd party .NET library? Some sample code would be very much appreciated.

推荐答案

在我的.Net 4.5项目中，对于使用SNI的服务器，以下操作失败:

In my .Net 4.5 project the following fails for a server using SNI:

var url = "https://www.somesite.com";
System.Net.WebClient client = new System.Net.WebClient();
client.Encoding = Encoding.UTF8;
var data = client.DownloadString(url);

但是，如果通过使用以下前缀明确指定TLS1.2则有效:

But it works if explicitly specifying TLS1.2 by prefixing it with:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

同样适用于webrequest:

The same applies to webrequest:

WebRequest request = WebRequest.Create("https://www.somesite.com");

和HttpRequestMessage:

and HttpRequestMessage:

var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "https://www.google.com");

他们都需要将协议显式设置为TLS 1.2才能与SNI服务器一起使用(在新的.Net版本中可能已更改)

They all need the protocol explicitly set to TLS 1.2 to work with an SNI server (this may have changed in newer .Net versions)

这篇关于来自C#的服务器名称指示的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！