2

I have a website which communicates with an API which shuts down connections that use anything below TLS 1.1 due to various security vulnerabilities such as POODLE.

The website is compiled using .NET Framework 4.0 (not TLS 1.1 or higher compatible) and cannot be upgraded to a higher .NET Framework version because it resides on a Windows 2003 server - compatibility list here

Are there any good, preferably free, third party libraries that can be used to force a .NET 4.0 (or lower) application to use TLS 1.1 or TLS 1.2 programatically from C#?

I found this Windows registry solution but this is not a C# solution;

To enable TLS 1.2 by default in .NET Framework 4.0, it is possible to set the SchUseStrongCrypto DWORD value in the following two registry keys to 1, creating them if they don’t exist:

  • "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319"

  • "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v4.0.30319"

tech-dev
  • 139
  • 7
  • Yes I agree, that was my suggestion, there are many vulnerabilities, and OS upgrades have been made since then. But I'm looking for a solution to the current problem which was described above. – tech-dev Apr 16 '16 at 17:18
  • refer [this post](https://stackoverflow.com/a/39725273/3682162) – Vikrant Sep 25 '18 at 09:36

0 Answers0