The reason is site in question supports only TLS 1.2. In .NET, default value for System.Net.ServicePointManager.SecurityProtocol
is Ssl
| Tls
, which means that .NET client by default does not support Tls 1.2 (it does not list this protocol in the list of supported protocols during SSL negotiation). At least this is the case for many .NET Framework versions, not sure if for all. But .NET really do support TLS 1.2, and to enable it you should just do:
string uri = "https://nvd.nist.gov/download/nvd-rss.xml";
using (WebClient client = new WebClient())
{
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
client.DownloadFile(uri, @"c:est
vd-rss.xml");
}
And you should be fine.
Of course it's better to support more than one TLS 1.2 protocol, because System.Net.SecurityProtocolType is a global setting and not all sites support TLS 1.2:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…