WebClient error when downloading file from https URL

Pradeep H picture Pradeep H · Sep 3, 2016 · Viewed 20.5k times · Source

Trying to download xml file from https URL (https://nvd.nist.gov/download/nvd-rss.xml)

This URL is openly accessible through browser.

Using C# Webclient with console project.

But getting Exception as below

using (WebClient client = new WebClient())
{
        System.Net.ServicePointManager.SecurityProtocol =
            System.Net.SecurityProtocolType.Ssl3;
        client.DownloadFile(uri, @"c:\test\nvd-rss.xml");
}

$exception {"The underlying connection was closed: An unexpected error occurred on a send."} System.Net.WebException

Tried adding all properties like SSL etc to system.Net, but did not help.

Answer

Evk picture Evk · Sep 3, 2016

The reason is site in question supports only TLS 1.2. In .NET, default value for System.Net.ServicePointManager.SecurityProtocol is Ssl | Tls, which means that .NET client by default does not support Tls 1.2 (it does not list this protocol in the list of supported protocols during SSL negotiation). At least this is the case for many .NET Framework versions, not sure if for all. But .NET really do support TLS 1.2, and to enable it you should just do:

string uri = "https://nvd.nist.gov/download/nvd-rss.xml";
using (WebClient client = new WebClient())
{
     System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
     client.DownloadFile(uri, @"c:\test\nvd-rss.xml");
}

And you should be fine. Of course it's better to support more than one TLS 1.2 protocol, because System.Net.SecurityProtocolType is a global setting and not all sites support TLS 1.2:

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;