C# SOAP Client use TLS instead of SSL 3.0

Question

I have a C# application which is using Travelport Universal API interfaces through SOAP communication. In C# I used the wsdls for generating the SOAP client.

I have this config settings for HTTPS connection (this was generated by Visual Studio from WSDL):

<system.serviceModel>
<bindings>
    <basicHttpsBinding>
        <binding name="AirLowFareSearchBinding" maxBufferSize="2097152" maxReceivedMessageSize="2097152">
            <security mode="Transport">
                <transport clientCredentialType="Basic" />
            </security>
        </binding>
    </basicHttpsBinding>
</bindings>
<client>
    <endpoint address="https://emea.universal-api.travelport.com/B2BGateway/connect/uAPI/AirService" binding="basicHttpsBinding" bindingConfiguration="AirLowFareSearchBinding" contract="AirServiceReference.AirLowFareSearchPortType" name="AirLowFareSearchPort" />
</client>

About this SSL3.0 vulnerability Travelport want to disabling SSL3, and I could use just over TLS. My question is what should I change on this config, or should I change anything for TLS connection on https instead of SSL3.

If I check System.Net.ServicePointManager.SecurityProtocol I get "SSL3 | Tls" back. So probably I don't have to do anything, the service will switch automatically to Tls? — martonx, Oct 29 '14 at 22:55

score 3 · Accepted Answer · edited Jan 07 '16 at 18:46

3

In you code before calling to the service:

system.Net.ServicePointManager.SecurityProtocol=SecurityProtocolType.Tls12;

Here is a blog post Here

edited Jan 07 '16 at 18:46

timss

9,982
4
34
56

answered Jan 07 '16 at 15:01

Ehsan

141
1
8

C# SOAP Client use TLS instead of SSL 3.0

1 Answers1