0
votes

I am trying to set up a server which will only provide secure connections with the TLS 1.2 protocol.

On the server I disabled SSL 2, SSL 3 and TLS 1.0 by regedit, using this way. I have a simple ASP.NET application and an _AppStart.cshtml file where I am logging what is happening.

This is the code and output I have now (mostly got it from here):

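// Value before the application changes anything
Log("SecurityProtocol: " + System.Net.ServicePointManager.SecurityProtocol.ToString());
// Allow only TLS 1.2 from this point on
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
// Value after the assignment
Log("SecurityProtocol: " + System.Net.ServicePointManager.SecurityProtocol.ToString());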

output:

-- Log: SecurityProtocol: Ssl3, Tls
-- Log: SecurityProtocol: Tls12

In the beginning, somehow the value is still Ssl3, Tls.

Is there any way to set this up (maybe in the web.config/app.config file) so that the connection is initially started with TLS 1.2 forced?

One step would be achieving this by browsing this web application, another would be to have this working between a web- and application server with WCF. Any good pointers and ideas how to do this? I would appreciate any help!

1 Answer

1
votes

See the "Using TLS 1.2 with WCF" article by Benjamin Perkins: https://blogs.msdn.microsoft.com/benjaminperkins/2014/11/04/using-tls-1-2-with-wcf/. At least .NET Framework 4.5 should be used, and the following hotfix should be applied: https://support.microsoft.com/en-us/kb/2960358
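
An added example, not part of the original question or answer: a small console probe that checks the goal stated in the question, namely that the server accepts TLS 1.2 and refuses the older versions, by offering one protocol version per handshake. It assumes .NET Framework 4.5 or later; the host name `server.example.test`, port 443 and the class name `TlsProbe` are placeholders.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;

// Added example (not from the original post). Run it from a machine whose own
// Schannel settings still allow the versions being probed; otherwise a
// "refused" result only reflects the local client configuration.
static class TlsProbe
{
    static readonly SslProtocols[] Candidates =
    {
        SslProtocols.Ssl3, SslProtocols.Tls, SslProtocols.Tls11, SslProtocols.Tls12
    };

    // True if the handshake completes when only 'protocol' is offered.
    static bool Accepts(string host, int port, SslProtocols protocol)
    {
        try
        {
            using (var tcp = new TcpClient(host, port))
            // The callback accepts any certificate: this probe looks at the
            // protocol version only and never sends application data.
            using (var ssl = new SslStream(tcp.GetStream(), false,
                                           (sender, cert, chain, errors) => true))
            {
                ssl.AuthenticateAsClient(host, null, protocol, false);
                return ssl.SslProtocol == protocol;
            }
        }
        catch (AuthenticationException) { return false; } // handshake rejected
        catch (IOException) { return false; }             // peer closed the connection
    }

    static int Main(string[] args)
    {
        string host = args.Length > 0 ? args[0] : "server.example.test"; // placeholder
        int port = args.Length > 1 ? int.Parse(args[1]) : 443;
        bool onlyTls12 = true;
        foreach (SslProtocols p in Candidates)
        {
            bool ok = Accepts(host, port, p);
            Console.WriteLine("{0,-6} {1}", p, ok ? "accepted" : "refused");
            if (ok != (p == SslProtocols.Tls12)) onlyTls12 = false;
        }
        Console.WriteLine(onlyTls12 ? "PASS: only TLS 1.2 accepted" : "FAIL: see list above");
        return onlyTls12 ? 0 : 1;
    }
}
```

The non-zero exit code on failure lets the probe run as a scheduled check after registry or patch changes.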