问题
We have a web app that has a client implemented with WCF. This client uses SSL_LVL3 to make the handshake with an external service. It turns out that the service just disabled the SSL_LVL3, so we need to change it to TLS 1.0. There is a way to force TLS security in C#:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
But it changes the security of all the services that are used by the app and not all the services accept TLS.
What we would like is to change the web.config to force the WCF service to use TLS. Is there any way to do this?
This is the binding of the service:
<binding name="XXXX" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" NameComparisonMode= "StrongWildcard"
maxBufferPoolSize="524288" maxBufferSize="655360"
maxReceivedMessageSize="655360" textEncoding="utf-8"
transferMode="Buffered" useDefaultWebProxy="true"
messageEncoding="Text">
<security mode="Transport" />
</binding>
回答1:
<customBinding >
<binding name="CusSoap">
<sslStreamSecurity requireClientCertificate="true" sslProtocols="Ssl3|Tls|Tls11|Tls12" />
</binding>
But it is available in Visual Studio 2015(.Net Framework 4.5.2)
来源:https://stackoverflow.com/questions/32693391/force-by-config-to-use-tls-1-0-in-a-wcf-client-c-sharp