How to tell users to upgrade to browser supporting TLS 1.2 in ASP.NET

0
votes

Apparently we are turning off support of TLS < 1.2 in the near future. So, we would like to inform users that access our site, prior to the turn off, to upgrade their browsers.

Initially I looked at HowsMySSL.com, which has an API that can be accessed via Javascript, but ultimately we don't want to access a 3rd party API.

Is there not a server variable in ASP.NET, which indicates which cipher version has been handshaken between the client and server?

To reiterate, we haven't turned off TLS < 1.2 YET, but want to be proactive to inform those users that will be affected. So, the users will successfully negotiate the handshake, I'm just looking to get the value of the cipher used...

1
asp.netssltls1.2
Possible duplicate of Check ssl protocol, cipher & other properties in an asp.net mvc 4 applicationJohnie Karr
You really should just tell everyone about the change. Imagine that, 99% of the time I visit your site with my desktop PC, which supports TLS 1.2, but once in a while, I visit with my ancient phone that doesn't support it. You may go ahead and turn off the ciphers, and then I have no idea why my phone doesn't work because I didn't happen to log in with the phone during the time you were warning people.Erik Funkenbusch

1 Answers

0
votes

See this thread (oh the futility!): Check ssl protocol, cipher & other properties in an asp.net mvc 4 application

We haven't come up with a solution yet either. Though the SCHANNEL event-log parsing is looking like a promising way to at least get a feel for how many people are connecting with which protocol.