I have an excel plugin written in c# that connects to a website hosted as an Azure app service with the following settings
The plugin tries to download some content from the webapp using the following code
public static string HttpPost(string URI, string Parameters)
{
System.Net.WebRequest req = System.Net.WebRequest.Create(URI);
req.Proxy = GetProxyForConnection();
//Add these, as we're doing a POST
req.ContentType = "application/json";
req.Method = "POST";
//We need to count how many bytes we're sending. Post'ed Faked Forms should be name=value&
byte[] bytes = System.Text.Encoding.ASCII.GetBytes(Parameters);
req.ContentLength = bytes.Length;
System.IO.Stream os = req.GetRequestStream();
os.Write(bytes, 0, bytes.Length); //Push it out there
os.Close();
System.Net.WebResponse resp = req.GetResponse();
if (resp == null) return null;
System.IO.StreamReader sr = new System.IO.StreamReader(resp.GetResponseStream());
return sr.ReadToEnd().Trim();
}
this works perfectly on many computers, but we have a client who uses exclusively TLS 1.2 connection, this is what they wrote
Our IT Security team have been removing TLS 1.1 from our environment – Microsoft’s recommendation.
My question is how to reproduce this, how to make our dev environment TLS 1.2, and any hints on how to fix the issue?
thanks
P.S. the plugin is written in .net 4.0
CodePudding user response:
The .NET 4.0 doesn't support TLS 1.1 or TLS 1.2, is the why your code doesnt works.
Your applcation should be target to .NET Framework 4.7, better if it is 4.8.
As @jdweng said, the SSL, TLS 1.0, and TLS 1.1 are obsolete and has been disabled asap.
To simulate the issue its quite simple, use the
The changes made on IISCrypto, changes the regedit, if you wanna know more about it, look at Transport Layer Security (TLS) registry settings
Regards