The following article was adapted from Microsoft documentation and addresses how to enforce the TLS 1.2 protocol in .NET applications. See the original Microsoft article for more details:
https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls
The Transport Layer Security (TLS) protocol is an industry standard designed to help protect the privacy of information communicated over the Internet. TLS 1.2 is the newest released standard and provides security improvements over previous versions.
...
- Target .NET Framework 4.7 or later versions on your apps. Target .NET Framework 4.7.1 or later versions on your apps.
- Do not specify the TLS version. Configure your code to let the OS decide on the TLS version.
- Perform a thorough code audit to verify you're not specifying a TLS or SSL version.
...
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
protected void Application_Start(Object sender, EventArgs e)
{
//The following line enables TLS 1.1 (in case other requests need to support TLS 1.1) and also TLS 1.2 for Quik!
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12
} |
...