0

I am attempting to perform Post requests to a server in my Xamarin forms app, however we recently updated our security policies and are no longer using TLS 1.0 This change appears to have broken the post request and now it times out.

To test this we re-enabled TLS 1.0 just for this service, and I can confirm it does now work. We of course would prefer to force better ciphers, is there any adjustments that can be made to the following request that could ensure it works once we return to the previous policy.

    public static async Task<LoginResponse> LoginRESTSend(FormUrlEncodedContent payload)
    {
        var cl = new HttpClient();
        cl.Timeout = TimeSpan.FromSeconds(10);
        HttpResponseMessage request = await cl.PostAsync((RESTURL + "/login"), payload);
        request.EnsureSuccessStatusCode();
        var response = await request.Content.ReadAsStringAsync();
        LoginResponse res = JsonConvert.DeserializeObject<LoginResponse>(response);
        return res;
    }

Edit

I don't believe this is a duplicate of this as the issue is not about sending over https (which I believe it is actually already doing) but more about the TLS version it's using.

Aphire
  • 1,621
  • 25
  • 55
  • Possible duplicate of [Make Https call using HttpClient](https://stackoverflow.com/questions/22251689/make-https-call-using-httpclient) – Luke Joshua Park Jun 05 '17 at 09:27
  • 4
    The "old" Mono Managed provider only supported 1.0.... Enable the platform-specific HTTPClient Implementation and SSL/TLS native provider in each platform project and you can use 1.2. – SushiHangover Jun 05 '17 at 09:53
  • Hey Sushi, thanks for that, any examples on how to go about it? Thanks – Aphire Jun 05 '17 at 10:14
  • @Aphire `Xamarin.Android`: https://developer.xamarin.com/guides/android/application_fundamentals/http-stack/ and `Xamarin.iOS`: https://developer.xamarin.com/guides/cross-platform/macios/http-stack/ – SushiHangover Jun 05 '17 at 10:34
  • @SushiHangover Thanks very much for your time, it's appreciated. Would this achieve a similar result? https://wolfprogrammer.com/2016/08/23/enabling-tls-1-2-in-xamarin-forms/ – Aphire Jun 05 '17 at 10:37
  • @Aphire I used to use `ModernHttpClient`, but now use the Xamarin implementations. I do not know what he means by not `PCL` friendly as just like `ModernHttpClient` you continue to use the normal `HttpClient` and you do not have to instance your HttpClient with a different provider, Xamarin does it for you.... – SushiHangover Jun 05 '17 at 10:44
  • @Aphire BTW: From your code sample you are creating a new `HttpClient` in that method, if you are using HttpClient in other methods and creating it over and over, don't... ;-) It should be treated like a singleton, create one for your app and share/reuse it across the app ;-) but that is just an "opinion". – SushiHangover Jun 05 '17 at 10:46
  • Hah I have actually just made that change myself, you are of course correct. If you want to put together an answer i'll be happy to accept and award the rep. – Aphire Jun 05 '17 at 10:49

0 Answers0