Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1?

c# .net wcf ssl tls1.2

neildt · Jan 21, 2016 · Viewed 50.7k times · Source

On our Windows 2012 Server R2, we need to disabled TLS 1.0.

However we have .NET 4.5 Wcf services running. We found that if we disable TLS 1.0 that the WCF services no longer run, as we get the error 'An existing connection was forcibly closed by the remote host'.

Is TLS 1.1/1.2 enabled by default in .NET 4.5 and .NET 4.5.1 ? If not, which we assume is the case, where in our WCF project do we force the project to use TLS 1.1/1.2 ?

Answer

No. The default protocols enabled for the various framework versions are:

.NET Framework 4.5 and 4.5.1: SSLv3 and TLSv1
.NET Framework 4.5.2: SSLv3, TLSv1, and TLSv1.1
.NET Framework 4.6 and higher: TLSv1, TLSv1.1, and TLS1.2

Sources: [1] [2]

You can specify which protocols your application supports by using the ServicePointManager class, specifically by setting the SecurityProtocol property, which in your case you would want to set to the following:

System.Net.ServicePointManager.SecurityProtocol =
    SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1?

Answer

Related questions