如何测试我的.NET客户端使用的TLS版本? [英] How to test which version of TLS my .NET client is using?
问题描述
我支持一个.NET站点,该站点(包括许多其他东西)与供应商系统中的远程API进行通信.
I support a .NET site which (amongst many, MANY, other things) talks to remote APIs from supplier systems.
我们要升级以支持TLS 1.2 我们希望按照以下问题进行操作:是否存在.NET TLS 1.2的实施?
We want to upgrade to support TLS 1.2 We're hoping to do so as per this question: Are there .NET implementation of TLS 1.2?
但是一旦进行更改,我如何检查它是否确实有效.
But how do I check that this is actually working once I've made the change.
理想情况下,我的一个供应商站点将开始使用TLS 1.2 仅,然后我的测试可能只是我们现在可以与该供应商对话吗?"但是我们没有. 我想我可以使用某种类型的数据包嗅探器来做些什么,但是我不知道自己到底在寻找什么,也不知道如何设置该嗅探器以可读的方式收集必要的数据.
Ideally one of my supplier sites would start using TLS 1.2 ONLY and then my test could just be "can we talk to that supplier now?" But we don't have that. I'm guessing I can do something with a packet sniffer of some sort, but I wouldn't know what I was looking for exactly, nor how to set up the sniffer to be collecting the neccessary data in a readable manner.
要么:
- 有人可以向我指出如何在Fiddler/WireShark中收集数据的综合指南吗?
或
- 有人可以建议另一种方法来测试更改是否有效.
推荐答案
如果您捕获Wireshark中的连接创建,并检查来自客户端的第一个数据包,则Wireshark将为您注释ClientHello结构中的字段,包括客户端请求的TLS版本.
If you capture the connection creation in Wireshark, and examine the first packet from the client, then Wireshark will annotate the fields in the ClientHello struct for you, including the TLS version requested by the client.
类似地,如果您查看服务器的第一个回复数据包,则Wireshark将为您注释ServerHello结构中的字段,包括为连接确定的TLS版本.
Similarly, if you look at the first reply packet from the server, then Wireshark will annotate the fields in the ServerHello struct for you, including the TLS version settled on for the connection.
这篇关于如何测试我的.NET客户端使用的TLS版本?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
