问题
I have a WCF service which sends an outgoing request. Currently it is using SSL 3.0 or TLS 1.0.
The service I am sending the request to now only accepts TLS 1.2.
I can set the SecurityProtocolType just before the request (and for each request), but I would like it to use TLS 1.2 for all outgoing requests without having to specify it for each request.
This code sets it correctly for the request:
<OperationContract(), WebGet(UriTemplate:="...")>
Public Function SomeService()
System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType) 3072; // 3072 is TLS 1.2
// Do request
End Function
But I cannot see how to set WCF to use TLS 1.2 for all requests. I have tried placing the above statement into Application_Start and Application_BeginRequest in Global.asax, but by the time it comes to doing the request, SecurityProtocol is back to SSL3/TLS1.0
回答1:
If you have access to the registry you can apply the following key: registry key
This enforces TLS 1.2 at the Windows level of the Transport Layer so you don't need to change any code.
These are the keys changed in the above file:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
来源:https://stackoverflow.com/questions/38874187/force-servicepointmanager-securityprotocol-to-tls-1-2-on-all-connections