有什么方法可以将ASP.NET Core 2.0 HTTPS限制为TLS 1.2？ [英] Any way to restrict ASP.NET Core 2.0 HTTPS to TLS 1.2?

问题描述

我有一个运行良好的ASP.NET Core 2.0 REST服务器，但是我需要限制对TLS1.2的访问-我该怎么做？似乎找不到任何文档。
服务器在Kestrel上运行。
谢谢！

I have an ASP.NET Core 2.0 REST server running fine, but I need to restrict access to TLS1.2 - how do I do this? Can't seem to find any documentation on it. Server is running on Kestrel. Thanks!

推荐答案

有一个允许您提供 HttpsConnectionAdapterOptions 实例进行配置。这是您的情况下的示例：

There's a UseHttps overload that allows you to provide a HttpsConnectionAdapterOptions instance to configure this. Here's an example of what this might look like in your case:

listenOptions.UseHttps(new HttpsConnectionAdapterOptions
{
    ...
    SslProtocols = SslProtocols.Tls12
});

作为参考， SslProtocols 默认值为 SslProtocols.Tls12 | SslProtocols.Tls11 。

这篇关于有什么方法可以将ASP.NET Core 2.0 HTTPS限制为TLS 1.2？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！