0

We have a .NET 4.7.1 ASP.NET MVC application running on Windows Server 2012 R2.

In the Registry, we set the "Enabled" properties to zero (FALSE) for the following keys:

HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client

HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server

However, after rebooting, we found that whilst our application could pull data securely from a 3rd party "Service Reference", it was unable to pull data securely from another 3rd party "Web Reference".

Reverting the "Client" Enabled property to 4294967295 (true) (and rebooting) solved the issue.

We're informed that the web-reference concerned supports TLS 1.0, 1.1, and 1.2, and that other clients are able to consume data using TLS 1.1/1.2.

The MVC application is set to use the server settings (protocols are not hard-coded).

TylerH
  • 20,799
  • 66
  • 75
  • 101
DrGriff
  • 4,394
  • 9
  • 43
  • 92
  • 1
    Can you please elaborate a bit what your question is? Are you asking when the "web reference" doesn't work? "We're informed" - can you test this yourself by using a site like https://ssllabs.com to scan the 3rd party to make sure they really do support TLS 1.1/1.2? – vcsjones Jul 13 '18 at 14:20
  • The server definitely does support TLS 1.1/1.2 (ssllabs confirm). However, when our application tries to create a secure connection it fails when TLS 1.0 Client Enabled set to zero. Not sure why that would be.... – DrGriff Jul 13 '18 at 22:31

0 Answers0