如何使用Web客户端应用程序使用TLS 1.2 [英] How to make a web client app use TLS 1.2
问题描述
我无法明确某些事情。
我们这里有几个使用REST调用外部系统的系统。
We have several systems here that make calls to external systems using REST.
目前这些系统支持TLS 1.0,但在不久的将来,它们不会支持任何低于TLS 1.2的东西。
Currently these systems support TLS 1.0 but in the near future they will not support anything less than TLS 1.2.
一个例子是Github,昨天他们做了一个测试并将他们的REST API限制为仅接受TLS 1.2连接。我使用工具Smartgit(在我的Windows 10桌面上)以及使用Octokit.Net与Github交谈的实用程序失败。
An example is Github and yesterday they did a test and restricted their REST API to accept only TLS 1.2 connections. I got failures using a tool Smartgit (on my Windows 10 desktop) and also with a utility that uses Octokit.Net to talk to Github.
这篇文章对此进行了解释:
This is explained more in this post:
https://github.com/octokit/octokit.net/issues/1756
https://github.com/octokit/octokit.net/issues/1756
正如我所说,我们还有其他服务提供商也在做类似的事情,其中之一是提供NO测试选项!
As I say we have other service providers that are also doing a similar thing and one of these is providing NO test option !
我们必须让我们的系统在3月1日之前支持TLS 1.2。
We must get our systems to support TLS 1.2 before March 1 for example.
但是我不知道我们要做什么,我们必须对机器的注册表做些什么吗?或者仅适用于Server 2008上的入站连接?
But I have no idea what we are to do, must we do something to a machine's registry? or is that only for inbound connection on Server 2008?
我们是否必须更改我们的代码以使用特定版本的.Net?
Must we change our code to use a specific version of .Net?
我们必须添加设置此代码:
Must we add code to set this:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
如果是这样的话?在app启动?在创建连接之前? ?
If so where? at app start up? before a connection is created? ?
我们必须对所有这些进行一些组合吗?
Must we do some combination of all of these?
任何帮助都非常感谢!
Cap 'n
推荐答案
提供相关资源的链接通常很有帮助你的问题。以下似乎是相关的。
It often helps to provide links to relevant resources in your question. The following seem relevant.
- ssl - 代理服务器接受TLS 1.0并调用TLS 1.2下游 - 服务器故障
- 更新启用TLS 1.1和TLS 1.2作为Windows中WinHTTP的默认安全协议
- 代理解决方案"碰撞"与TLS 1.2的TLS 1.0连接:系统管理员
- network - 是否可以利用出站代理升级到TLS - 信息安全堆栈交换
- TLS 1.2和.NET支持:如何避免连接错误 - Microsoft
- 更新以在Windows中的WinHTTP中启用TLS 1.1和TLS 1.2作为默认安全协议
- c# - SSL和过时的TLS(1.0和1.1) for .Net 3.5上的Web服务客户端应用程序 - Stack Overflow
- 安全性 - .NET 4.5中的默认SecurityProtocol - 堆栈溢出
- c# - System.Net.WebRequest支持哪些版本的SSL / TLS? - 堆栈溢出
- 更新以在Windows中的WinHTTP中启用TLS 1.1和TLS 1.2作为默认安全协议
- iis 7.5 - 是否可以配置ARR以在Server 2008 R2中建立TLS 1.2传出连接? - 服务器故障
- ssl - Proxy server accepting TLS 1.0 and calling TLS 1.2 downstream - Server Fault
- Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows
- Proxy solution to "bump" TLS 1.0 connection to TLS 1.2 : sysadmin
- network - Is it possible to utilize an outbound proxy to upgrade to TLS - Information Security Stack Exchange
- TLS 1.2 and .NET Support: How to Avoid Connection Errors - Microsoft
- Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows
- c# - SSL and Outdated TLS(1.0 and 1.1) for Web Service client application on .Net 3.5 - Stack Overflow
- security - Default SecurityProtocol in .NET 4.5 - Stack Overflow
- c# - Which versions of SSL/TLS does System.Net.WebRequest support? - Stack Overflow
- Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows
- iis 7.5 - Is it possible to configure ARR to make TLS 1.2 outgoing connections in Server 2008 R2? - Server Fault
这篇关于如何使用Web客户端应用程序使用TLS 1.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
