谷歌Analytics（分析）訪問令牌 - TLS 1.1+

Question

我使用C＃從谷歌請求訪問令牌：

string serviceAccountEmail = ConfigurationManager.AppSettings["analyticsServiceAccountEmail"].ToString(); 
     string securityKey = ConfigurationManager.AppSettings["analyticsSecurityKeyLocation"].ToString(); 
     string password = ConfigurationManager.AppSettings["analyticsSecurityPassword"].ToString(); 

     var certificate = new X509Certificate2(securityKey, password, X509KeyStorageFlags.Exportable); 

     var scopes = new List<string> { "https://www.googleapis.com/auth/analytics.readonly", "https://www.googleapis.com/auth/analytics" }; 

     ServiceAccountCredential credential = new ServiceAccountCredential(
     new ServiceAccountCredential.Initializer(serviceAccountEmail) 
     { 
      Scopes = scopes 
     }.FromCertificate(certificate)); 

     Task<bool> task = credential.RequestAccessTokenAsync(CancellationToken.None); 

     task.Wait(); 

     if (!task.Result || credential.Token == null || string.IsNullOrEmpty(credential.Token.AccessToken)) 
     { 
     throw new Exception("Failed to get token from Google"); 
     } 

     return credential.Token.AccessToken; 

我不得不禁用TLS 1.0 PCI合規性。既然我已經做了，該代碼與以下錯誤打破：

One or more errors occurred.: An error occurred while sending the request.: The underlying connection was closed: An unexpected error occurred on a receive.: The client and server cannot communicate, because they do not possess a common algorithm

任何建議，我怎麼可以讓使用TLS 1.1或更高版本的電話嗎？

Answer 1

它已經在的Application_Start通過Global.asax中來完成：

請仔細閱讀本你做出改變之前：How do I disable SSL fallback and use only TLS for outbound connections in .NET? (Poodle mitigation)

做到這一點的方法是：

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 Or SecurityProtocolType.Tls11 Or SecurityProtocolType.Tls12 

這將打開關於SSL3的通信支持，如果適用，則回退到TLS 1.1或TLS 1.2。