How to enable security protocol to TLS1.2 for a self hosted application?

Asked Aug 27 '18 at 04:57

Active Aug 27 '18 at 05:13

Viewed 792 times

I have found many questions on TLS1.2. I could not find how to enable it for a self -hosted application. I have seen many answers saying

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12

this to be inserted in the code and it would work. I want to know what are all the changes I need to make for a self-hosted application to support TLS1.2 and where should I make those changes?

edited Aug 27 '18 at 05:13

prisar

3,041
2
26
27

asked Aug 27 '18 at 04:57

Bhargavraj Vankadaru

Self hosted _what_ kind of application on _which_ .net platform? – ZorgoZ Aug 27 '18 at 05:14
It is a self-hosted .net application. It doesn't use IIS for hosting.My .net framework is 4.5.2 version. In C#. – Bhargavraj Vankadaru Aug 27 '18 at 05:15
Got hat. But is it Asp.net core or WebApi 2? Because Kestrel and Katana work differently. – ZorgoZ Aug 27 '18 at 05:19
@BhargavrajVankadaru AngularJS is irrelevant to your question, it's just a client-side framework. .NET 4.5.2 indicates you're not using .NET Core...but what are you using to do the self-hosting? – ADyson Aug 27 '18 at 05:41
@ZorgoZ .NET 4.5.2 in Bhargavraj's earlier comment indicates it's not .NET Core. But it coud be some kind of self-hosting using OWIN or similar. Unfortunately Bhargavraj has not made that clear, or indeed posted much other relevant info. – ADyson Aug 27 '18 at 05:42
sorry for that Owin libraries are used for hosting @ADyson – Bhargavraj Vankadaru Aug 27 '18 at 05:47
Possible duplocate of this: https://stackoverflow.com/questions/51999293/tls-1-2-for-self-hosted-net-applications – ZorgoZ Aug 27 '18 at 06:07
yeah, what would be the solution for it? Where should make changes to my code? – Bhargavraj Vankadaru Aug 27 '18 at 06:11
Your app is already accessible over https, you only want to restrict to tls2.1? – ZorgoZ Aug 27 '18 at 06:15
I will get back to you on it. Is there a way to check what security protocol the application is supporting? If yes let me know – Bhargavraj Vankadaru Aug 27 '18 at 06:21
No, it's not accessible over https. And yes I want to make it restricted for TLS1.2 . – Bhargavraj Vankadaru Aug 27 '18 at 06:30
Then start here: http://blog.boxofbolts.com/ssl/windows/owin/guide/2015/06/29/https-self-hosted-windows/ – ZorgoZ Aug 27 '18 at 06:34
@ZorgoZ my application is accessible over https (i locally run it over HTTP). So what changes should I do to restrict to TLS1.2? – Bhargavraj Vankadaru Aug 27 '18 at 07:02

How to enable security protocol to TLS1.2 for a self hosted application?

0 Answers0