我编写了一个发送 HTTP(S) 请求的 .NET 应用程序。
之前,它是针对 .NET v4.5.2 构建的,基本上是根据下面的wannabe-MVCE:
ServicePointManager.Expect100Continue = True
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
Dim httpUrl As Uri = new Uri("https://some-website-with-ssl.com")
Dim request As HttpWebRequest
request = HttpWebRequest.Create(httpUrl)
request.Proxy = WebRequest.DefaultWebProxy
request.Proxy.Credentials = CredentialCache.DefaultNetworkCredentials
request.UserAgent = USERAGENT
request.AllowAutoRedirect = True
request.KeepAlive = False
Dim response As HttpWebResponse
response = DirectCast(request.GetResponse(), HttpWebResponse)
Catch ex As WebException
'
End Try
虽然它“在我的机器上”运行良好,但在我们客户的环境WebException中抛出了一个:
基础连接已关闭。无法为 SSL/TLS 安全通道建立信任关系
经过几次搜索,我发现可以使用 .NET-4.7.2 选择系统的协议类型,因为它提供SecurityProtocolType.SystemDefault. 我将目标升级到 4.7.2 并删除了该行,因为它是默认值,以及Expect100Continue设置,因为它也是True默认值。
现在客户端得到了很好的HTTP 200响应,但它触发了来自 Symantec Endpoint Protection 的通知:
Scan type: Auto-Protect Scan
Event: Security Risk Found!
Security risk detected: WS.Reputation.1
File: <...>
Location: Deleted or access blocked
Computer: <...>
User: <...>
Action taken: Leave Alone succeeded
Date found: <...>
为什么赛门铁克将其检测为一种潜在的WS.Reputation.1治疗方法?由于赛门铁克的启发式方法,我读到这是误报。可能是由于 SecurtityProtocol 值吗?
更新。我以这种方式设置了安全协议值,但这次没有触发赛门铁克警报:
ServicePointManager.SecurityProtocol =
ServicePointManager.SecurityProtocol Or
SecurityProtocolType.Tls Or
SecurityProtocolType.Tls11 Or
SecurityProtocolType.Tls12 Or
SecurityProtocolType.Ssl3
这让我想到默认值,SecurityProtocolType.SystemDefault是警报触发的来源。