How can I force TLS1.2 on the SOAP proxy?

Asked Mar 15 '15 at 22:19

Active Mar 15 '15 at 22:19

Viewed 167 times

Because of BEAST, CRIME, and similar SSL attacks, we've been tightening our IIS encryption parameters. At this point, very old web apps that use ASMX web services suddenly stopped responding over SSL. The error message was

Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host

We isolated the problem to the server side of the connection, not the client side, because SoapUI also showed a connection problem.

We further isolated the problem to the guts of the SOAP implementation, because plain ASPX pages worked in the browser.

Rolling back the recent anti-BEAST changes made the problem go away.

So the question becomes: what do we have to do in our .NET code to make it use TLS 1.2 to connect to the server, rather than TLS 1.0 or any earlier protocol?

asked Mar 15 '15 at 22:19

Ross Presser

6,027
1
34
66

It appears that the answer is [here](http://stackoverflow.com/questions/26416645/what-version-of-ssl-tls-does-system-web-services-protocols-soaphttpclientprotoco). And it requires .NET Framework 4.5 – Ross Presser Mar 16 '15 at 17:18

How can I force TLS1.2 on the SOAP proxy?

0 Answers0