How to renegociate SSL connection every time = different ssl-SessionID (windows, C #)

Question

How to renegociate SSL connection every time = different ssl-SessionID (windows, C #)

How can I do in C # / Windows7 so that my application does not use the existing SSL connection. Actually, when I make a get request with HttpWebRequest on the https page, if an existing connection exists, then it uses that connection (= the same ssl-sessionid). I did some tests, and Windows 7 reconsider the ssl connection after 2 minutes. But I will make sure that he never uses an existing connection.

I tried many things: keep-alive, ClientCacheTime (regedit), ServicePointManager.SetTcpKeepAlive ...

Thank you so much !

  ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3; ServicePointManager.DnsRefreshTimeout = 200; /* ServicePointManager.SetTcpKeepAlive(false,0,0); ServicePointManager.DefaultConnectionLimit = 100; ServicePointManager.MaxServicePointIdleTime = 1;*/ // ServicePointManager.DefaultConnectionLimit = 1; uri = "https://server.com/test.jsp"; HttpWebRequest request = (HttpWebRequest) WebRequest.Create(uri); request.UserAgent = "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)"; request.CookieContainer = cookieJar; request.ContentType = "text/xml";// content type request.KeepAlive = false; request.ProtocolVersion = HttpVersion.Version11; request.Method = "GET"; request.ConnectionGroupName = "dsd" + i; // request.ReadWriteTimeout = 2000; /* request.Timeout = 5000; request.UseDefaultCredentials = false; request.CachePolicy = new RequestCachePolicy(RequestCacheLevel.NoCacheNoStore); request.ConnectionGroupName = DateTime.Now.Ticks.ToString(); */ // X509Certificate2 cert = new X509Certificate2("C:\\a.crt", "abcd"); X509Certificate2 cert = new X509Certificate2(); request.ClientCertificates.Add(cert); /* request.PreAuthenticate = false; request.Pipelined = true;*/ WebResponse rsp = request.GetResponse(); string PageContent = new StreamReader(rsp.GetResponseStream()).ReadToEnd(); textBox1.Text = PageContent; request.ServicePoint.CloseConnectionGroup("dsd" + i); request.Abort(); request.ClientCertificates.Clear(); rsp.GetResponseStream().Close(); rsp.Close(); request.Abort();

+2

c # ssl

Misak Sep 14 '11 at 16:05

source share

1 answer

Yahia · Accepted Answer · 2011-09-14T16:21:42+0000

Since you did not specify in detail, there are just some general pointers:

set ServicePointManager.DnsRefreshTimeout to a very low value (default 2 minutes = 120,000 ms)
set the HttpWebRequest.ConnectionGroupName unique value for EVERY request
call HttpWebRequest.ServicePoint.CloseConnectionGroup with this value AFTER EVERY request
call HttpWebRequest.Abort AFTER EVERY request

The above may not happen by chance - depending on the OS version and the Framework version ...

I am curious: achieving this means that you have much less performance ... what is the purpose?

How to renegociate SSL connection every time = different ssl-SessionID (windows, C #)

More articles: