问题
I have a Server service and a Client service using WCF, both built in C# with .NET version 4.0 and Visual Studio 2010.
I created and installed self-signed SSL and CA certificates on the server. So far so good. Everything works ok. The Client is service is able to communicate with the Server service from a different machine.
However, the connection details show it is using TLS 1.0.
Is there a way to implement TLS 1.1 or 1.2 using DotNet 4.0? It appears not, but I was hoping someone had a technique that worked for them.
回答1:
Yes, it's possible to use TLS 1.1 and 1.2 in a .NET application targetting .NET Framework 4.0, but you will need .NET 4.6 installed (you do not need to target 4.6 in your application). TLS 1.2 was added to .NET 4.5, but TLS 1.2 will not be able to be used without code changes.
If you want existing .NET 4.0 code to use TLS 1.2, you'll need the following:
Install .NET Framework 4.6 or higher. This is needed to use TLS 1.2 as a protocol by default in combination with proper Windows registry keys.
Set the following .NET Framework strong cryptography registry keys:
On 32-bit and 64-bit versions of Windows:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
On 64-bit versions of Windows:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
The WOW6432Node value is used by 32-bit applications when run on a 64-bit system.
For more information see: https://github.com/TheLevelUp/pos-tls-patcher
来源:https://stackoverflow.com/questions/48786117/use-tls-1-1-or-1-2-in-wcf-and-net-4-0