
Supporting TLS 1.2 in HttpClient C#

Good afternoon! I use the Azure Maps API using HttpClient. How can I enable support of TLS 1.2? As far as I know, it is supported in Framework 4.6+. And I should not have to do anything for this to work?

Use ServicePointManager to set the security protocol.

Gets or sets the security protocol used by the ServicePoint objects managed by the ServicePointManager object.

HttpClient httpClient = new HttpClient();

// Use TLS 1.2 for new connections
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

This property selects the version of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol to use for new connections; existing connections aren't changed.

Starting with the .NET Framework 4.7, the default value of this property is SecurityProtocolType.SystemDefault. This allows .NET Framework networking APIs based on SslStream (such as FTP, HTTP, and SMTP) to inherit the default security protocols from the operating system or from any custom configurations performed by a system administrator.

In general you do not need to specify any configuration in your application to enable adoption of the latest TLS protocol.

Best practices and scenarios for versions earlier than .NET 4.7 are outlined on docs.microsoft.com.

At a high level, you should perform an audit to make sure your application doesn't take any hard dependency on a lower TLS version. But otherwise no work should be required.

We recommend that you:

  • Target .NET Framework 4.7 or later versions on your apps. Target .NET Framework 4.7.1 or later versions on your WCF apps.
  • Do not specify the TLS version. Configure your code to let the OS decide on the TLS version.
  • Perform a thorough code audit to verify you're not specifying a TLS or SSL version.

When your app lets the OS choose the TLS version:

  • It automatically takes advantage of new protocols added in the future, such as TLS 1.3.
  • The OS blocks protocols that are discovered not to be secure.

It will be worth exploring the Microsoft documentation on TLS best practices.
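A small check for the recommendations in the answer above, as an added example that is not part of the original answers: it reports whether the process is still on SecurityProtocolType.SystemDefault and which version a handshake negotiates when the OS chooses. It assumes .NET Framework 4.7 or later; the class name TlsCheck, its helper methods and the example.com placeholder host are made up for illustration.

```csharp
// Added example (not from the answers). Assumes .NET Framework 4.7 or later.
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

internal static class TlsCheck
{
    // Versions older than TLS 1.2; finding them enabled in code is an audit hit.
    private const SecurityProtocolType Legacy =
        SecurityProtocolType.Tls | SecurityProtocolType.Tls11;

    // Classifies the process-wide setting that ServicePointManager will apply.
    internal static string Classify(SecurityProtocolType configured)
    {
        if (configured == SecurityProtocolType.SystemDefault)
            return "SystemDefault (OS decides)";
        if ((configured & Legacy) != 0)
            return "code enables a version below TLS 1.2: " + configured;
        return "code pins the version: " + configured;
    }

    // Performs a handshake without naming a version and returns the negotiated one.
    internal static SslProtocols Negotiate(string host, int port)
    {
        using (var tcp = new TcpClient(host, port))
        using (var ssl = new SslStream(tcp.GetStream()))
        {
            // SslProtocols.None leaves the choice to the operating system.
            ssl.AuthenticateAsClient(host, new X509CertificateCollection(),
                                     SslProtocols.None, true);
            return ssl.SslProtocol;
        }
    }

    private static int Main(string[] args)
    {
        // "example.com" is a placeholder; pass the API host as the first argument.
        string host = args.Length > 0 ? args[0] : "example.com";
        Console.WriteLine("ServicePointManager.SecurityProtocol: "
                          + Classify(ServicePointManager.SecurityProtocol));
        SslProtocols negotiated = Negotiate(host, 443);
        Console.WriteLine("Negotiated with " + host + ": " + negotiated);
        // Non-zero exit code when the OS default falls short of TLS 1.2.
        return negotiated >= SslProtocols.Tls12 ? 0 : 1;
    }
}
```

Running it on the affected machine before and after a configuration change shows whether the change altered what the OS default actually negotiates.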

For me the issue was solved by adding one of the below registry keys:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

The official Microsoft answer is available here.

It looks like this:

private static void Main(string[] args)
{
    // Restrict both the handler and the process-wide default to TLS 1.2
    var httpClient = new HttpClient(new HttpClientHandler() { AllowAutoRedirect = false, SslProtocols = System.Security.Authentication.SslProtocols.Tls12 });

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

    var response = httpClient.GetAsync("http://myurl.com").GetAwaiter().GetResult();
}

But it is not working for all of our projects (including projects on frameworks other than 4.7.1); please add info if you have any.
