0

there is a powershell script running as a remote process on uDeploy, below is the script:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri https://xxx/api/health

it was working fine until the service of this api (running on openshift) is using tls1.3, then I have to remove

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

but still got the error Could not create SSL/TLS secure channel then I had to copy this script to my local environment which has .net 5 and .net framework 4.8 installed and the script can perfectly work without adding something like:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls13

Can I assume that .net framework 4.8 doesn't support tls1.3 but .net 5 does?

So the question is, is there a way to Invoke-WebRequest using .net framework 4.8 to a tls1.3 service? BTW, I know there could be a way by editing the Registry and enable tls1.3, but this is forbidden in our environment

Added windows versions for both my local environment that can run the script:

Major  Minor  Build  Revision
-----  -----  -----  --------
10     0      19042  0

And the remote environment on uDeploy services that cannot run the script:

Major  Minor  Build  Revision
-----  -----  -----  --------
6      3      9600   0
user13904118
  • 87
  • 1
  • 8
  • This may help if using win10 https://www.itechtics.com/tls-1-3/#:~:text=TLS%201.3%20is%20not%20enabled,TLS%201.3%20in%20Windows%2010 – Mike Anthony May 30 '22 at 02:18
  • I think the OS actually running the process is a window server and it will not be changed to win10, but my I tested the script on my local environment and it is win10 and it is working fine – user13904118 May 30 '22 at 02:26
  • Which operating system are you using? Exact build number please `winver` – Charlieface May 30 '22 at 20:35
  • I am using [System.Environment]::OSVersion.Version instead, and in my local environment that has not problem is Major Minor Build Revision ----- ----- ----- -------- 10 0 19042 0 the remote environment cannot run the script is : Major Minor Build Revision ----- ----- ----- -------- 6 3 9600 0 – user13904118 May 31 '22 at 01:52
  • 1
    You still left out the name of hte windows release, found the above is Server 2012 R2 though. A quick google reveals Server 2012 does not support TLS 1.3. - if you'd like to run TLS1.3 with uDeploy you'll need a server running an OS that isn't a decade old ;) – Mike Anthony May 31 '22 at 07:38

0 Answers0