ServicePointManager.ServerCertificateValidationCallback?忽略WebClient

Question

我使用WebClient从MVC5项目的外部网站获取数据：

        using (var client = new WebClient())
        {
            var result = client.DownloadString(url);

            return this.Content(result);
        }

然而，请求的URL使用TLS，但我们正处于开发阶段，因此他们使用自己的证书，这显然是不合法的。因此，我收到这一例外：

[IOException: Authentication failed because the remote party has closed the transport stream.]
   System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) +6587998
   System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) +132
   System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) +59
   System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) +247
   System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) +137
   System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) +119
   System.Net.TlsStream.CallProcessAuthentication(Object state) +38
   System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) +166
   System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) +21
   System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) +64
   System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) +797
   System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) +52
   System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) +19
   System.Net.ConnectStream.WriteHeaders(Boolean async) +142

我读过许多其他文章，所以我在我的Global.asax Application_Start方法中添加了这些代码：

        System.Net.ServicePointManager.ServerCertificateValidationCallback =
            (s, cert, chain, sslPolicyErrors) =>
            {
                return true;
            };

然而，结果保持不变。我甚至尝试在回调集行放置断点，在return true行放置1断点。在开始时，断点按有意命中。但是，当WebClient调用时，return true行的断点永远不会被击中。

WebClient是否使用另一种CallBack方法？我该如何解决这个问题？

Answer 1

问题是你必须添加这样的东西

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 
                                     | SecurityProtocolType.Tls12;

但这取决于它所支持的协议。你可以在这里查一下，https://www.ssllabs.com

这是我从这个网站协议得到的结果。

TLS 1.2是TLS 1.1是TLS 1.0无SSL 3无SSL 2 No