.net core 互操作加密OpenSSLCryptography异常:错误:14094410:SSL例程:ssl3_读取_字节:sslv3警报握手失败
无论目标是.net core 互操作加密OpenSSLCryptography异常:错误:14094410:SSL例程:ssl3_读取_字节:sslv3警报握手失败,.net-core,tcpclient,sslstream,.net Core,Tcpclient,Sslstream,无论目标是net5.0还是net6.0框架,当试图创建sslstream时,它会在Ubuntu操作系统上运行时重复抛出错误,而在Windows操作系统上运行时,处理此错误的正确方法是什么 错误消息 System.Security.Authentication.AuthenticationException:身份验证失败,请参阅内部异常。 --->Interop+OpenSsl+SslException:SSL握手失败,出现OpenSsl错误-SSL\u错误\u SSL。 --->互操作+加密+O
net5.0
还是net6.0
框架,当试图创建sslstream
时,它会在Ubuntu操作系统上运行时重复抛出错误,而在Windows操作系统上运行时,处理此错误的正确方法是什么
错误消息
System.Security.Authentication.AuthenticationException:身份验证失败,请参阅内部异常。
--->Interop+OpenSsl+SslException:SSL握手失败,出现OpenSsl错误-SSL\u错误\u SSL。
--->互操作+加密+OpenSSLCryptography异常:错误:14094410:SSL例程:ssl3\u读取字节:sslv3警报握手失败
---内部异常堆栈跟踪的结束---
在Interop.OpenSsl.DoSslHandshake(SafeSslHandle上下文,只读span`1输入,字节[]和sendBuf,Int32和sendCount)
位于System.Net.Security.SslStreamPal.HandshakeInternal(安全免费凭据凭据、安全删除SSLContext和上下文、只读span`1输入缓冲区、字节[]和输出缓冲区、SslAuthenticationOptions SslAuthenticationOptions)
---内部异常堆栈跟踪的结束---
位于System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter适配器,布尔接收优先,字节[]重新验证数据,布尔ISAM)
示例代码
public static SslStream CreateSslStream(此TcpClient客户机,bool leavenstreamopen=false)
{
var validationCallback=新的RemoteCertificateValidationCallback(ValidateServerCertificate);
var selectionCallback=新的LocalCertificateSelectionCallback(SelectLocalCertificate);
返回新的SslStream(client.GetStream(),leaveInnerStreamOpen,validationCallback,selectionCallback);
}
我引用了票据:,现在问题解决了
/etc/ssl/openssl.cnf
# Add this in the head of the file
openssl_conf = openssl_init
#
# skip
#
# And the following in the end of the file
[openssl_init]
ssl_conf = ssl_config
[ssl_config]
system_default = tls_defaults
[tls_defaults]
CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
MinProtocol = TLSv1.2