Requesting html over https with c# Webclient
Solution 1
Have a read of this: http://support.microsoft.com/kb/915599
The server you are accessing doesn't support TLS so you will need to force it to use SSL3.
Add the following line to your call:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
Here's a fully working example:
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
class Program
{
static void Main(string[] args)
{
Uri address = new Uri("https://archive.org/details/OTRR_In_The_Name_Of_The_Law_Singles");
ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 ;
using (WebClient webClient = new WebClient())
{
var stream = webClient.OpenRead(address);
using (StreamReader sr =new StreamReader(stream))
{
var page = sr.ReadToEnd();
}
}
}
/// <summary>
/// Certificate validation callback.
/// </summary>
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
{
// If the certificate is a valid, signed certificate, return true.
if (error == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
Console.WriteLine("X509Certificate [{0}] Policy Error: '{1}'",
cert.Subject,
error.ToString());
return false;
}
Solution 2
in .net Framework 4.0 add
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; //TLS 1.2
Solution 3
Just add this line before var stream = webClient.OpenRead(address);
System.Net.ServicePointManager.ServerCertificateValidationCallback += (send, certificate, chain, sslPolicyErrors) => { return true; };
That should sort out the SSL/TLS error
Solution 4
I tried this example and received the error "The request was aborted: Could not create SSL/TLS secure channel"
To fix this problem it's possible to change the SecurityProtocol in my case Tls12 and it's working good.
RRadix
Updated on October 31, 2020Comments
-
RRadix over 3 years
I am attempting various html resources via c# WebClient class from a site I have no control over. When I attempt to access urls such as "https://archive.org/details/OTRR_In_The_Name_Of_The_Law_Singles"
I get the error: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
I have found solutions that suggest I use the following code to ignore the certificate requirement and to make the webclient act as a browser, but I still recieve the same error
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback( delegate { return true; }); using(WebClient webClient = new WebClient()) { webClient.Headers["User-Agent"] = "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 (.NET CLR 3.5.30729)"; webClient.Headers["Accept"] = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; webClient.Headers["Accept-Language"] = "en-us,en;q=0.5"; webClient.Headers["Accept-Encoding"] = "gzip,deflate"; webClient.Headers["Accept-Charset"] = "ISO-8859-1,utf-8;q=0.7,*;q=0.7"; StreamReader sr = new StreamReader(webClient.OpenRead(inputString)); }
-
mlhDev over 8 yearsKB 915599 targets .NET 1.1 SP 1, and OP is targeting at least .NET 3.5
-
David Martin over 6 yearsThe advice you give ignores certificate errors, so is probably not wise.
-
Pierre over 6 years@DavidMartin Agreed. But it all depends on the context it is used in. Sometimes it does not matter if it is secured or not. But everyone to their own I guess.
-
Roy Art over 6 yearsThere are 4 SecurityProtocolType options: Ssl3, Tls, Tls11, Tls12. I had to try each one to find that Tls12 worked for me.
-
H. Abraham Chavez almost 6 years@Pierre I followed your advice and someone downloaded my car.
-
Konstantin almost 6 yearsSave my time! Thank you!
-
Alex Pandrea over 5 yearsThis worked for me as well (
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
). Probably it depends on the server so you should try all values in the SecurityProtocolType enum type docs.microsoft.com/en-us/dotnet/api/…. But also add aServerCertificateValidationCallback
that returns true as in the other responses. -
Lazy Babe about 4 yearsThis is the only way to specify anything other than Ssl or Tls, for me (VS 2017)