Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HttpClient requests only support Tls1.3 Website request failure #100799

Closed
Dylan-Jinx opened this issue Apr 9, 2024 · 6 comments
Closed

HttpClient requests only support Tls1.3 Website request failure #100799

Dylan-Jinx opened this issue Apr 9, 2024 · 6 comments
Labels
area-System.Net.Http
Milestone
9.0.0

Comments

@Dylan-Jinx
Copy link

Description

The HttpClient request only supports Tls1.3 website request failure, indicating that the SSL link fails to be established and that the bad protocol version is displayed internally in windows. Display platform not supported in apple environment

Reproduction Steps

Create an httpClient. Select any website that supports only tls1.3 to make a get request

Expected behavior

请求返回成功

Actual behavior

发生异常, 建立ssl链接失败

Regression?

No response

Known Workarounds

No response

Configuration

dotnet version: .net 8
OS: MacOs 14.4.1(ARM) or windows 11(x64)

Other information

No response
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label Apr 9, 2024
@huoyaoyuan
Copy link
Member

What if you set HttpClientHandler.SslProtocols to Tls13?

@Dylan-Jinx
Copy link
Author

@huoyaoyuan I set this attribute, but it still throw the same exception.

var url = "only support tls 1.3 website url";

var httpClientHandler = new HttpClientHandler();
httpClientHandler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
httpClientHandler.SslProtocols = System.Security.Authentication.SslProtocols.Tls11
    | System.Security.Authentication.SslProtocols.Tls12
    | System.Security.Authentication.SslProtocols.Tls13;


var client = new HttpClient(httpClientHandler);
var response = client.GetAsync(url).Result;

Console.ReadKey();

@huoyaoyuan
Copy link
Member

huoyaoyuan commented Apr 9, 2024
edited
Loading

How about Tls13 only, instead of Tls11|Tls12|Tls13? This can help to decide whether it's issue around protocol decision, or TLS1.3 handling.

@Dylan-Jinx
Copy link
Author

@huoyaoyuan I found that it works under windows11, and I think it has something to do with the operating system.

@dotnet-policy-service dotnet-policy-service bot removed the untriaged New issue has not been triaged by the area owner label Apr 9, 2024
@huoyaoyuan
Copy link
Member

TLS1.3 support on macOS is tracked at #1979.

@github-actions github-actions bot locked and limited conversation to collaborators May 9, 2024
@karelz karelz added this to the 9.0.0 milestone May 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area-System.Net.Http
Projects
None yet
Milestone
9.0.0
Development

No branches or pull requests
3 participants
@huoyaoyuan @karelz @Dylan-Jinx