SSL握手超時

Question

我有2個由相同證書頒發機構頒發的客戶端身份驗證證書。其中一人讓我連接到一個HTTPS web服務，但其他沒有，當我使用類似下面的代碼：

HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(endPointUrl); 
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); 
store.Open(OpenFlags.MaxAllowed); 
X509CertificateCollection col = (X509CertificateCollection)store.Certificates.Find(X509FindType.FindBySerialNumber, certificateSerialNumber, true); 
httpWebRequest.ClientCertificates.Add(col[0]); 
httpWebRequest.Method = "POST"; 
httpWebRequest.ContentType = contentType; 
httpWebRequest.KeepAlive = false; 
httpWebRequest.Timeout = 3000; 
httpWebRequest.ContentLength = message.Length; 
httpRequestStream = httpWebRequest.GetRequestStream(); 

當試圖獲得請求的流，我得到一個InvalidOperationException與消息「操作已超時「。

我在嘗試連接失敗的證書時使用了System.Net.trace，並且日誌在「嘗試使用用戶提供的證書重新啓動會話」和第一個InitializeSecurityContext之後顯示連接超時。

Wireshark的顯示如下內容：

"TCP","j-link > https [SYN] Seq=0 Win=65535 Len=0 MSS=1260 SACK_PERM=1" 
"TCP","https > j-link [SYN, ACK] Seq=0 Ack=1 Win=32768 Len=0 MSS=1380" 
"TCP","j-link > https [ACK] Seq=1 Ack=1 Win=65535 Len=0" 
"TLSv1","Client Hello" 
"TLSv1","Server Hello" 
"TCP","[TCP segment of a reassembled PDU]" 
"TCP","j-link > https [ACK] Seq=78 Ack=2521 Win=65535 Len=0" 
"TLSv1","Certificate, Certificate Request, Server Hello Done" 
"TCP","j-link > https [ACK] Seq=78 Ack=3187 Win=64869 Len=0" 
"TCP","j-link > https [FIN, ACK] Seq=78 Ack=3187 Win=64869 Len=0" 
"TCP","https > j-link [ACK] Seq=3187 Ack=79 Win=32768 Len=0" 
"TLSv1","Alert (Level: Warning, Description: Close Notify)" 
"TCP","j-link > https [RST, ACK] Seq=79 Ack=3194 Win=0 Len=0" 

我可以導出它們，並將它們轉換爲PEM格式之後，使用兩個證書使用OpenSSL從命令行連接。

任何建議將不勝感激。

Answer 1

非常感謝Shawn's question幫助我解決了超時問題，這是因爲連接超過60秒纔會失敗。

然後我得到一個「請求被中止：無法創建SSL/TLS安全通道。」錯誤，這是通過使用Windows HTTP Services Certificate Configuration Tool和我獲得的信息here解決的。