
I am creating a WCF application in which I am setting the ServicePointManager.SecurityProtocol to accept TLS1.2. I will also be creating the SChannel service registry keys as outlined here to disable all client / server protocols other than TLS1.2 (will set Enabled = 0).

I understand that the SChannel setting creates an OS-level setting. I was wondering: if in my code I explicitly set ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; would it override the OS setting and allow TLS1.1 connections?

I got confused because of the statements here: "If you want to configure security with the registry, don't specify a security protocol value in your code; doing so overrides the registry setting."

"This update will not change the behavior of applications that are manually setting the secure protocols instead of passing the default flag."

Edit 1: I am using .NET v4.7.

Saint
  • In fact, this is also related to the framework you use. If your application targets .NET 4.7.x, no matter how you set the registry key, you are actually using "SystemDefaultTlsVersions". – Ding Peng Jul 17 '20 at 08:57
  • @Dingpeng - thanks! Any documentation pointers for that? I have been searching for days for such clear documentation. – Saint Jul 17 '20 at 17:14
  • You can refer to this link, hope it can help you: https://github.com/dotnet/docs/issues/4675 – Ding Peng Jul 18 '20 at 01:05
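
One way to see both layers from the question side by side on a given machine. This is an added example, not part of the question or its comments, and it is not Microsoft sample code. The class name `TlsLayerAudit` and the helper `SchannelEnabled` are hypothetical; the program only reads the registry and opens no connections.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using Microsoft.Win32;

static class TlsLayerAudit
{
    // OS-level SChannel switches (the keys the question plans to set to Enabled = 0).
    const string Root = @"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols";

    // Maps each .NET flag to the SChannel subkey name for the same protocol version.
    static readonly Dictionary<SecurityProtocolType, string> KeyNames =
        new Dictionary<SecurityProtocolType, string>
        {
            { SecurityProtocolType.Tls,   "TLS 1.0" },
            { SecurityProtocolType.Tls11, "TLS 1.1" },
            { SecurityProtocolType.Tls12, "TLS 1.2" },
        };

    // null = value absent (OS default applies); otherwise true/false from the Enabled DWORD.
    static bool? SchannelEnabled(string protocol, string role)
    {
        using (RegistryKey key = Registry.LocalMachine.OpenSubKey(Root + "\\" + protocol + "\\" + role))
        {
            object value = key?.GetValue("Enabled");
            if (value == null) return null;
            return Convert.ToInt64(value) != 0; // 0 disables, non-zero enables
        }
    }

    static void Main()
    {
        // The value from the question: the protocols this process asks for.
        ServicePointManager.SecurityProtocol =
            SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

        foreach (var pair in KeyNames)
        {
            bool requested = (ServicePointManager.SecurityProtocol & pair.Key) != 0;
            // ServicePointManager governs outbound connections, so the Client subkey is the one compared.
            bool? os = SchannelEnabled(pair.Value, "Client");
            string osText = os == null ? "not set (OS default)" : (os.Value ? "enabled" : "disabled");
            string note = requested && os == false ? "  <-- requested in code, disabled in SChannel" : "";
            Console.WriteLine("{0}: requested={1}, SChannel client={2}{3}",
                pair.Value, requested, osText, note);
        }
    }
}
```

Passing "Server" instead of "Client" to `SchannelEnabled` reports the keys that apply to the listening side of the service.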

0 Answers