这一个是为我工作在MVC webclient

public string DownloadSite(string RefinedLink)
{
    try
    {
        Uri address = new Uri(RefinedLink);

        ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

        using (WebClient webClient = new WebClient())
        {
            var stream = webClient.OpenRead(address);
            using (StreamReader sr = new StreamReader(stream))
            {
                var page = sr.ReadToEnd();

                return page;
            }
        }

    }
    catch (Exception e)
    {
        log.Error("DownloadSite - error Lin = " + RefinedLink, e);
        return null;
    }
}

这样做帮助了我:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

system.net.webeexception:请求被中止:无法创建 SSL/TLS安全通道。

在我们的例子中，我们使用的是软件供应商，所以我们没有权限修改。net代码。显然。net 4不会使用TLS v 1.2，除非有变化。

我们的解决方法是将SchUseStrongCrypto键添加到注册表中。您可以将下面的代码复制/粘贴到扩展名为.reg的文本文件中并执行它。它是我们解决问题的“补丁”。

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001

在。net 4.5中，这个问题的解决方案是

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

如果你没有。net 4.5，那就使用

ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

在我的情况下，这个异常的根源是在代码的某些时候，下面的代码被调用:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

这真的很糟糕。它不仅指示. net使用不安全的协议，而且还会影响在您的应用域中随后发出的每一个新的WebClient(和类似的)请求。(请注意，传入的web请求在你的ASP中不受影响。NET应用程序，但新的WebClient请求，如与外部web服务对话，是)。

在我的情况下，它实际上并不需要，所以我可以删除该语句，所有其他的web请求重新开始正常工作。根据我在其他地方的阅读，我了解到一些事情:

This is a global setting in your appdomain, and if you have concurrent activity, you can't reliably set it to one value, do your action, and then set it back. Another action may take place during that small window and be impacted. The correct setting is to leave it default. This allows .NET to continue to use whatever is the most secure default value as time goes on and you upgrade frameworks. Setting it to TLS12 (which is the most secure as of this writing) will work now but in 5 years may start causing mysterious problems. If you really need to set a value, you should consider doing it in a separate specialized application or appdomain and find a way to talk between it and your main pool. Because it's a single global value, trying to manage it within a busy app pool will only lead to trouble. This answer: https://stackoverflow.com/a/26754917/7656 provides a possible solution by way of a custom proxy. (Note I have not personally implemented it.)

这些答案都不适合我，谷歌chrome和邮递员工作，握手服务器，但ie和。net不工作。在谷歌chrome在安全选项卡>连接显示加密和认证使用ECDHE_RSA与P-256和AES_256_GCM密码套件与服务器握手。

我在windows server 2012 R2上安装了IIS密码和密码套件列表，无法找到带有P-256和AES_256_GCM密码套件的ECDHE_RSA。然后我把Windows更新到上一个版本，但问题没有解决。最后在搜索之后，我明白了windows server 2012 R2不支持GSM，并将我的服务器更新到windows server 2016，我的问题解决了。