Can't download files from the computer with en

Posted 2019-02-15 11:17

I'm trying to implement a simple console application to download the files using WebClient.DownloadFile method over TLS 1.1/1.2 protocols. This is the code for the application:

var downloadUrl = "https://serverURL.com/sample.mp3";
var filename = "sample.mp3";
var myWebClient = new WebClient();
myWebClient.DownloadFile(downloadUrl, filename);

Every time I run it I'm getting the following error message:

Unhandled Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm
at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.TlsStream.CallProcessAuthentication(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.WebClient.DownloadFile(Uri address, String fileName)
at System.Net.WebClient.DownloadFile(String address, String fileName)
at web_downloader.Program.Main(String[] args) in c:\Users\user\Documents\Visual Studio 2013\Projects\web_downloader\web_downloader\Program.cs:line 27

I have the following setup: web_downloader application is located on ServerA (Windows Server 2012 R2/64bit), which has the following in the registry key under HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Protocols:

PCT 1.0
--Client
----DisabledByDefault=1
----Enabled=0
--Server
----DisabledByDefault=1
----Enabled=0
SSL 2.0
--Client
----DisabledByDefault=1
----Enabled=0
--Server
----DisabledByDefault=1
----Enabled=0
SSL 3.0
--Client
----DisabledByDefault=1
----Enabled=0
--Server
----DisabledByDefault=1
----Enabled=0
TLS 1.0
--Client
----DisabledByDefault=1
----Enabled=0
--Server
----DisabledByDefault=1
----Enabled=0
TLS 1.1
--Client
----DisabledByDefault=0
----Enabled=1
--Server
----DisabledByDefault=0
----Enabled=1
TLS 1.2
--Client
----DisabledByDefault=0
----Enabled=1
--Server
----DisabledByDefault=0
----Enabled=1

And ServerB, which stores sample.mp3 file, has the following:

SSL 2.0
  Client
    DisabledByDefault=1
TLS 1.1
  Client
    DisabledByDefault=0
    Enabled=1
  Server
    DisabledByDefault=0
    Enabled=1
TLS 1.2
  Client
    DisabledByDefault=0
    Enabled=1
  Server
    DisabledByDefault=0
    Enabled=1

As soon as I enable TLS 1.0 on ServerA I'm able to download the mp3 file from ServerB (Windows 7/64bit/Net Framework 4.5.1) without any issues.

System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing policy is disabled on both machines.

Am I missing any configuration parameters for DownloadFile method to work with TLS 1.1/1.2?

2 answers
ら.Afraid
Reply #2 · 2019-02-15 11:38

The .NET Framework uses its own settings to decide which HTTPS versions to use by default. See https://stackoverflow.com/a/169396/126229 for the ServicePointManager.SecurityProtocol setting to set on the client to ensure that it attempts to negotiate a TLS1.1 connection.

You can also watch the outbound traffic with Fiddler (look at the CONNECT Tunnel's TextView Request inspector) for a breakdown of the ClientHello message. Be warned that running Fiddler with HTTPS-decryption enabled will interfere because Fiddler itself defaults to using SSL3+TLS1 to talk to servers.
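
The client-side setting this answer refers to, as an added example that is not part of the original answer or the poster's program: it pins the process to TLS 1.1/1.2 before the download and prints the inner exception chain if the handshake still fails. It assumes the application targets .NET Framework 4.5 or later (where `SecurityProtocolType.Tls11` and `Tls12` exist) and reuses the placeholder URL and file name from the question.

```csharp
using System;
using System.Net;

// Added example, not the poster's code. URL and file name are the
// placeholders from the question.
internal static class Program
{
    // Only the versions that ServerA's SCHANNEL client keys leave enabled.
    private const SecurityProtocolType AllowedProtocols =
        SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

    private static int Main()
    {
        // Show what the framework would have offered on its own.
        // On .NET Framework 4.5.x this prints "Ssl3, Tls".
        Console.WriteLine("Default protocols: {0}", ServicePointManager.SecurityProtocol);

        // Process-wide setting. Assign it before the first HTTPS request:
        // it applies to new connections only.
        ServicePointManager.SecurityProtocol = AllowedProtocols;
        Console.WriteLine("Using protocols:   {0}", ServicePointManager.SecurityProtocol);

        var downloadUrl = "https://serverURL.com/sample.mp3";
        var filename = "sample.mp3";

        try
        {
            using (var client = new WebClient())
            {
                client.DownloadFile(downloadUrl, filename);
            }
            return 0;
        }
        catch (WebException ex)
        {
            // The SCHANNEL failure is carried as an inner Win32Exception,
            // so print the whole chain rather than only the outer message.
            for (Exception e = ex; e != null; e = e.InnerException)
            {
                Console.Error.WriteLine("{0}: {1}", e.GetType().FullName, e.Message);
            }
            return 1;
        }
    }
}
```

Listing only `Tls11 | Tls12` keeps the client from offering SSL 3.0 or TLS 1.0, which matches the SCHANNEL configuration described for ServerA.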

Viruses.
Reply #3 · 2019-02-15 11:55

If you are working with .NET Framework 3.5 or less, you can set only TLS 1.0 (putting the registry key), and you have to enable TLS 1.0 on Server.
