WebClient error when downloading file from https URL

Question

Trying to download XML file from an HTTPS URL (https://nvd.nist.gov/download/nvd-rss.xml)

This URL is openly accessible through browser.

Using C# Webclient with console project.

But getting Exception as below

using (WebClient client = new WebClient())
{
        System.Net.ServicePointManager.SecurityProtocol =
            System.Net.SecurityProtocolType.Ssl3;
        client.DownloadFile(uri, @"c:\test\nvd-rss.xml");
}

$exception {"The underlying connection was closed: An unexpected error occurred on a send."} System.Net.WebException

Tried adding all properties like SSL etc to system.Net, but did not solve it.

Answer 1

The reason is site in question supports only TLS 1.2. In .NET, default value for System.Net.ServicePointManager.SecurityProtocol is Ssl | Tls, which means that .NET client by default does not support Tls 1.2 (it does not list this protocol in the list of supported protocols during SSL negotiation). At least this is the case for many .NET Framework versions, not sure if for all. But .NET really do support TLS 1.2, and to enable it you should just do:

string uri = "https://nvd.nist.gov/download/nvd-rss.xml";
using (WebClient client = new WebClient())
{
     System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
     client.DownloadFile(uri, @"c:\test\nvd-rss.xml");
}

And you should be fine. Of course it's better to support more than one TLS 1.2 protocol, because System.Net.SecurityProtocolType is a global setting and not all sites support TLS 1.2:

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;

Answer 2

.NET 4.0. TLS 1.2 is not supported, but if you have .NET 4.5 (or above) installed on the system then you still can opt in for TLS 1.2 even if your application framework doesn’t support it. The only problem is that SecurityProtocolType in .NET 4.0 doesn’t have an entry for TLS1.2, so we’d have to use a numerical representation of this enum value:

ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

Answer 3

Try with this:

using (HttpClient client = new HttpClient())
{
      var response = await client.GetAsync("https://nvd.nist.gov/download/nvd-rss.xml");

      string xml = await response.Content.ReadAsStringAsync();
      //or as byte array if needed
      var xmlByteArray = await response.Content.ReadAsByteArrayAsync();
      //or as stream
      var xmlStream = await  response.Content.ReadAsStreamAsync();

      //write to file
       File.WriteAllBytes(@"c:\temp\test.xml", xmlByteArray)

 }