问题
I would like to configure the server to refuse negotation of DES, RC4, MD5, etc. The mono 3.4 release notes say "Network Stack Now allows developers to control which cipher suites to use with TLS/SSL." ... But how?
回答1:
(Thanks to Sebastien Pouliot for this answer)
You can set a callback for either ClientCipherSuitesCallback or ServerCipherSuitesCallback SSL/TLS. That will allow you to control which ciphers can be used and the selection order (in general most server select the first cipher suites they support).
Sample code is part of the documentation.
And also, since it will likely be difficult for some people to find the valid enumerations, see CipherSuiteFactory.cs
来源:https://stackoverflow.com/questions/23341014/in-mono-how-to-control-the-ssl-tls-cipher-suite