1、使用Java开发的Web项目,部署在服务器Tomcat中
2、项目使用HTTPS,使用阿里云的PFX证书
阿里云推荐Tomcat配置如下
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true" keystoreFile="cert/214181506600131.pfx" keystoreType="PKCS12" keystorePass="证书密码" clientAuth="false" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256"/>
我的Tomcat的server.xml配置如下
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" keystoreFile="C:/xxx.pfx" keyStoreType="PKCS12" keystorePass="xxx" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256"/>
3、c#下的访问HTTPS代码如下
string Address = "https://www.myweb.com/customers"; string Parameters = "{\"pagesize\":\"2\",\"pageno\":\"2\",\"conditions\":{\"searchtext\":\"\",\"orderby\":\"\"}}"; HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(Address); request.Method = "POST"; request.Headers.Add("X-Requested-With", "XMLHttpRequest"); request.ContentType = "application/json"; request.UserAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0"; request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; byte[] bytes = Encoding.UTF8.GetBytes(Parameters); request.ContentLength = bytes.Length; Stream poststream = request.GetRequestStream(); poststream.Write(bytes, 0, bytes.Length); poststream.Close(); HttpWebResponse response = request.GetResponse() as HttpWebResponse; StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.UTF8); string content = reader.ReadToEnd(); reader.Close(); response.Close(); return content
4、以上代码,在XP系统外的系统运行正常;在XP系统中出现连接超时的情况。
参考文档原文:https://stackoverflow.com/questions/26506432/how-to-make-tls-requests-in-net-4-on-windows-xp-to-servers-with-ssl3-disabled
这篇文章中说明了,XP系统和Tomcat之间连接不上,是因为一个加解密的东西不对应。
解决方案是Tomcat配置文件中的ciphers配置项中加入TLS_RSA_WITH_3DES_EDE_CBC_SHA这项配置
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" keystoreFile="C:/xxx.pfx" keyStoreType="PKCS12" keystorePass="xxx" ciphers="...这里是之前设置的一堆项目...,TLS_RSA_WITH_3DES_EDE_CBC_SHA"/>
然后,XP系统就能正常和Tomcat连接了
【C#、阿里云、Tomcat、XP系统】c#下使用.NET4.0中HttpWebRequest访问Tomcat中HTTPS项目时,在XP系统中超时
原文:https://www.cnblogs.com/LiveYourLife/p/9087446.html