可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
I got TLS 1.0 disabled. So we are trying to use TLS 1.2 in our .Net application which is using .Net Framework 4.0.
I have added the code for this at the start
System.Net.ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
It works perfectly on my local system.
But i am not sure why its not working when I deploy the code on server (Windows Server 2008 R2). I checked everything. .Net framework is present on server. But still its giving the same issue on server only.
Is there anything I'm missing here?
回答1:
According to this post:
.NET 4.0 supports up to TLS 1.0 while .NET 4.5 supports up to TLS 1.2
However, an application targeting .NET 4.0 can still support up to TLS 1.2 if .NET 4.5 is installed in the same environment. .NET 4.5 installs on top of .NET 4.0, replacing System.dll.
So basically you need to upgrade your server to .Net 4.5 to enable TLS 1.2.
Also, you can simplify your code and make it more readable:
using System.Net; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Related MSDN articles:
回答2:
If you want to use TLS 1.2 in existing .NET 4.x code without application code changes, you'll need the following:
Install .NET framework 4.6 or higher. This is needed to use TLS 1.2 as a protocol by default in combination with proper Windows registry keys.
Set the following .NET Framework strong cryptography registry keys:
On 32-bit and 64-bit versions of Windows: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001
On 64-bit versions of Windows: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001
The WOW6432Node value is used by 32-bit applications when run on a 64-bit system.
For more information see: https://github.com/TheLevelUp/pos-tls-patcher
Update: It's really not a good idea to hardcode the security protocol in application code. You want the OS doing this for you. See Transport Layer Security (TLS) best practices with the .NET Framework for further reading.
