我已禁用TLS 1.0和TLS 1.1。在Identity Server中运行(使用WebHostBuilder在Service Fabric群集中运行的v4,使用自签名证书针对.NET 4.6.2)。我在Startup.cs中添加了以下内容:
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
我收到以下错误:
System.InvalidOperationException: IDX10803: Unable to create to obtain
configuration from: 'https://services.mytest.com:8443/oauth/.well-
known/openid-configuration'. ---> System.IO.IOException: Unable to get
document from: https://services.mytest.com:8443/oauth/.well-
known/openid-configuration ---> System.Net.Http.HttpRequestException: An
error occurred while sending the request. ---> System.Net.WebException: The
underlying connection was closed: An unexpected error occurred on a receive.
---> System.ComponentModel.Win32Exception: The client and server cannot
communicate, because they do not possess a common algorithm
我已经看了这里的问题:
IDX10803: Unable to create to obtain configuration
Unable to obtain configuration from well-known/openid-configuration
我尝试了建议(包括将证书添加到受信任的根目录)
答案 0 :(得分:0)
我对该软件的了解不多,但是这里的问题不是证书不受信任(根据错误消息),而是您的服务器和客户端尝试在TLS握手期间协商哪个协议版本,加密的应该使用密码和密钥交换机制。客户端和服务器现在似乎不兼容。更改客户端或服务器。
另请参阅相关文章并提供可能的解决方案:
The client and server cannot communicate, because they do not possess a common algorithm