As Paypal updated their response, I need to update security protocols TLS to v1.2 in my existing application which is on .NET 3.5 framework. What changes required to update this in existing code, I cannot update the application to newer framework.
Asked
Active
Viewed 2.4k times
4 Answers
24
I'm using VS 2008 with .net 3.5.30729.4926. All I had to do was:
Add imports:
Imports System.Security.Authentication
Imports System.Net
Add this to my code (C#):
public const SslProtocols _Tls12 = (SslProtocols)0x00000C00;
public const SecurityProtocolType Tls12 = (SecurityProtocolType)_Tls12;
ServicePointManager.SecurityProtocol = Tls12;
VB.net version:
Const _Tls12 As SslProtocols = DirectCast(&HC00, SslProtocols)
Const Tls12 As SecurityProtocolType = DirectCast(_Tls12, SecurityProtocolType)
ServicePointManager.SecurityProtocol = Tls12
Dim wbrq As HttpWebRequest
Dim wbrs As HttpWebResponse
Dim sw As StreamWriter
Dim sr As StreamReader
Dim strResult As String
'Create a new HttpWebRequest object.
wbrq = WebRequest.Create(strURL)
wbrq.Method = "POST"
wbrq.ContentLength = DataString.Length
wbrq.ContentType = "application/x-www-form-urlencoded"
'upload data
sw = New StreamWriter(wbrq.GetRequestStream)
sw.Write(DataString)
sw.Close()
'get response
wbrs = wbrq.GetResponse
sr = New StreamReader(wbrs.GetResponseStream)
strResult = sr.ReadToEnd.Trim
sr.Close()
D_Bester
- 5,723
- 5
- 35
- 77
-
1@Cullub Thanks. I suspect MS might retrofit the constant in older versions of .net. – D_Bester Aug 04 '17 at 15:50
-
This is better than the other answer at the moment - it doesn't depend on a broken link ;-) – Cullub Aug 04 '17 at 15:52
-
Where in the code was this placed? In a class? or global.asax? etc? – Anna Aug 14 '17 at 20:57
-
1@Anna The SecurityProtocol is set immediately before making a HttpWebRequest. See my edited post above. – D_Bester Aug 16 '17 at 13:24
-
Just to confirm, did you have to apply any hotfix and edit the registry to enable TLS 1.2 on the server? Or is it just using the code mentioned above? – Anna Aug 17 '17 at 14:15
-
1@Anna No hotfixes or registry edits. Just the code above. YMMV – D_Bester Aug 17 '17 at 14:26
-
Just `ServicePointManager.SecurityProtocol = (SecurityProtocolType)0x00000C00;` for a C# project was sufficient for me. – Kenny Evitt Apr 17 '18 at 14:19
-
You code save me :d. Thank you very much. Net 2.0 can use this code. – Nguyên Ngô Duy May 29 '19 at 07:23
3
just adding adding Your code in vb .net 3.5 version :
ServicePointManager.SecurityProtocol = DirectCast(3072, SecurityProtocolType)
then Your code become :
ServicePointManager.SecurityProtocol = DirectCast(3072, SecurityProtocolType)
Dim wbrq As HttpWebRequest
Dim wbrs As HttpWebResponse
Dim sw As StreamWriter
Dim sr As StreamReader
Dim strResult As String
'Create a new HttpWebRequest object.
wbrq = WebRequest.Create(strURL)
wbrq.Method = "POST"
wbrq.ContentLength = DataString.Length
wbrq.ContentType = "application/x-www-form-urlencoded"
.............
hope this help
Yosep Tito
- 737
- 6
- 7
2
If you are on NET 3.5.1 you have an option of applying a rollup hotfix and apply a registry edit to tell .NET to use the system default. More details here
Failing that you need to be using .NET 4.5 for TLS 1.2 & 1.1 support and on Windows Server 2008 R2 at a minimum.
Ian Bennett
- 360
- 3
- 10
0
Add de following code:
System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
Jorge
- 1