I have set up a simple .NET 4.6 web server, using the HTTPListener with a 'https' prefix and linked certificate on a server 2012 R2 machine. The https interface works, but only uses TLS 1.0 and not 1.1 or 1.2, which should be supported by default by the server 2012.
What I have tried so far, to force the system to use TLS 1.2:
- added and enabled SCHANNEL protocol in the registry for TLS 1.2
- added and enabled SchUseStrongCrypto in the registry for the .NET framework
- disabled SCHANNEL protocol for TLS 1.0 and SSL in the registry
- hardcoded via System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
But none of these seem to have the desired effect. When SSL and TLS 1.0 are disabled through SCHANNEL registry, the webserver becomes unreachable.
Framework .NET 4.6.2 has been installed. The executable has been built against .NET 4.6. Any hints?
Cheers.
openssl s_client
to get details. – Jeroen Mostert