0

Env: Windows 2003 Standard SP2, .Net 2.0 / 4.0

I have an app that is trying to access https site which has enabled TLS 1.0.

     var response = (HttpWebResponse)webRequest.GetResponse();
     var responseContent = new StreamReader(response.GetResponseStream()).ReadToEnd();

Every time, GetResponse() fails with "The operation has timed out" exception.

Note that IE 6 also could not open the page. I've enabled TLS 1.0 in internet options. Similar problem happens on Windows 2008 SP2 x86. On newer Windows versions the https request works without exceptions.

Configuring Tls in C# also didn't help:

 System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;

Is there any know issue related to Tls 1.0 that I'm missing?

iz25
  • 274
  • 1
  • 11
  • Why are you running .NET 2.0, Windows Server 2003 and IE6? – Dai May 02 '22 at 11:36
  • IE6 is only for test.. It's .Net app, tried both .net 4.0 and 2.0.. is would be great if works on Win 2003.. – iz25 May 02 '22 at 11:42
  • 1
    "issue related to Tls 1.0 " - apart from it's insecure and deprecated by just about every web site? – Neil May 02 '22 at 11:57
  • not every, my site configured for TLS 1.0 – iz25 May 02 '22 at 13:09
  • Use a profiler, possibly in combination with a disassembler. And some packet sniffing like wireshark. In other words, I'd just debug it. That said, there's a reason tech goes obsolete. – Zer0 May 02 '22 at 13:33
  • 1
    TLS 1.0 is only the protocol version, but additionally client and server have to agree on a certain cipher for establishing communication. Most likely in your case the server does not support a cipher supported by the client. Use Wireshark to debug and https://www.ssllabs.com/ssltest to test the server. – Robert May 02 '22 at 16:07
  • 1
    https://caniuse.com/sr_tls1 over 95% of browsers support TLS 1.1 or above, therefore you are trying to support a microscopic number of insecure users. – Neil May 03 '22 at 11:21

0 Answers0