1. Johngo学长首页
  2. 技术点详细复盘专题
  3. 大数据

.Net Core部署Linux的坑

大数据 阅读 86

连接外部数据库问题(A connection was successfully established with the server, but then an error occurred during the pre-login handshake.)

.Net Core部署Linux的坑

具体错误:

System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 31 - Encryption(ssl/tls) handshake failed)
 ---> System.IO.EndOfStreamException: End of stream reached
   at System.Data.SqlClient.SNI.SslOverTdsStream.ReadInternal(Byte[] buffer, Int32 offset, Int32 count, CancellationToken token, Boolean async)
   at System.Data.SqlClient.SNI.SslOverTdsStream.Read(Byte[] buffer, Int32 offset, Int32 count)
   at System.IO.Stream.Read(Span`1 buffer)
   at System.Net.Security.SslStream.FillHandshakeBufferAsync[TIOAdapter](TIOAdapter adapter, Int32 minSize)
   at System.Net.Security.SslStream.ReceiveBlobAsync[TIOAdapter](TIOAdapter adapter)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Net.Security.SslStream.ProcessAuthentication(Boolean isAsync, Boolean isApm, CancellationToken cancellationToken)
   at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
   at System.Data.SqlClient.SNI.SNITCPHandle.EnableSsl(UInt32 options)
   at System.Data.SqlClient.SNI.SNIProxy.EnableSsl(SNIHandle handle, UInt32 options)
   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions,

原因是Ubuntu 20.04默认是最低的TLS是1.2版本,所以降级处理:

  1. 修改openssl.conf
sudo vim /etc/ssl/openssl.cnf
  1. 在 oid_section = new_oids 下增加:
openssl_conf = default_conf
  1. 文件末尾追加:
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=1
  1. 保存文件并使之生效:
source /etc/profile

不生效则重启

Original: https://www.cnblogs.com/EminemJK/p/14500864.html
Author: 山治先生
Title: .Net Core部署Linux的坑

原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/565050/

转载文章受原作者版权保护。转载请注明原作者出处!

(0)
0

【自取】最近整理的,有需要可以领取学习:



Linux核心资料大放送~

全栈面试题汇总(持续更新&可下载)

一个提高学习100%效率的工具!

【超详细】深度学习面试题目!

LeetCode Python刷题答案下载!

LeetCode Java版刷题答案下载!

LeetCode C++ 版本,抓紧保存!

LeetCode GO语言 刷题答案下载!

大家都在看

亲爱的 Coder【最近整理,可免费获取】👉 最新必读书单  | 👏 面试题下载  | 🌎 免费的AI知识星球