Home > OS >  TLS 1.2 how to debug/reproduce
TLS 1.2 how to debug/reproduce

Time:07-08

I have an excel plugin written in c# that connects to a website hosted as an Azure app service with the following settings Azure app service TLS settings

The plugin tries to download some content from the webapp using the following code

public static string HttpPost(string URI, string Parameters)
        {
            System.Net.WebRequest req = System.Net.WebRequest.Create(URI);
            req.Proxy = GetProxyForConnection();
            //Add these, as we're doing a POST
            req.ContentType = "application/json";
            req.Method = "POST";
            //We need to count how many bytes we're sending. Post'ed Faked Forms should be name=value&
            byte[] bytes = System.Text.Encoding.ASCII.GetBytes(Parameters);
            req.ContentLength = bytes.Length;
                System.IO.Stream os = req.GetRequestStream();
            os.Write(bytes, 0, bytes.Length); //Push it out there
            os.Close();
            System.Net.WebResponse resp = req.GetResponse();
            if (resp == null) return null;
            System.IO.StreamReader sr = new System.IO.StreamReader(resp.GetResponseStream());
            return sr.ReadToEnd().Trim();
        }

this works perfectly on many computers, but we have a client who uses exclusively TLS 1.2 connection, this is what they wrote

Our IT Security team have been removing TLS 1.1 from our environment – Microsoft’s recommendation.

My question is how to reproduce this, how to make our dev environment TLS 1.2, and any hints on how to fix the issue?

thanks

P.S. the plugin is written in .net 4.0

CodePudding user response:

The .NET 4.0 doesn't support TLS 1.1 or TLS 1.2, is the why your code doesnt works.

Your applcation should be target to .NET Framework 4.7, better if it is 4.8.

As @jdweng said, the SSL, TLS 1.0, and TLS 1.1 are obsolete and has been disabled asap.

To simulate the issue its quite simple, use the enter image description here

The changes made on IISCrypto, changes the regedit, if you wanna know more about it, look at Transport Layer Security (TLS) registry settings

Regards

  • Related