All geek questions in one place

Is it possible to use .NET Remoting + TLS 1.2 (or 1.1)?

Recently, our PCI DSS scan failed and requires us to disable TLS 1.0 (and enable TLS 1.1 or 1.2). I found instructions on how to do this in our Windows Server 2008 R2 box, but we have an outdated application that uses .NET Remoting (its Windows application. Windows.NET 2.0 forms / CSLA 1.5 data portal hosted on IIS), which doesn't communicate with the new settings.

I get the following exception:

enter image description here

I tried various configurations of combinations of TLS settings both on the client and on the server, but to no avail. Such as:

  1. Disabling TLS 1.0 on the client and server (in the registry) and enabling TLS 1.2.
  2. Enabling TLS 1.1 both on the client and on the server (in the registry).

, .NET 4.5 TLS 1.1 1.2, , .NET. ?

, , Microsoft 4.5.2.

, .NET 4.5.2, , ( , , ). , .NET 10 .

, - .NET Remoting TLS 1.1 1.2?

:

  1. .NET Framework 4.5.2?
  2. , , , ?
  3. .NET Framework 4.5.2 - , , , , .NET, , , .NET, - ?

:

  1. Windows Server 2008 R2 .
  2. IIS 7.5 SSL (CSLA dataportal).
  3. Windows 7 Professional .
+4
3

MSDN. TLS 1.2, FIPS.

.NET, MS Web Deploy. , - ASP.NET, .

+1

. .NET Remoting . - TLS 1.0 CSLA, CSLA .NET 4.0. .

https://success.outsystems.com/Support/Enterprise_Customers/Maintenance_and_Operations/(.NET)_Enable_SSL_Protocols_for_your_Integrations_-_TLS_1.1_and_TLS_1.2

: TLS, Schannel [1]

, , :

, . "regedit" "" ( ). . , "", "". , .

: . , , .

  • : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols Protocols New, Key . . TLS 1.1 TLS 1.2 ( , )
  • TLS 1.1 TLS 1.2 . :
  • New, DWORD (32-bit) Value . DWORD DisabledByDefault.
  • DisabledByDefault "..." . , "" 0, "" .
  • .
  • DWORD , 7.
  • DWORD .
  • "" "..." . , "" 1, "" - .
  • . SSL, . .

SchUseStrongCrypto Windows, : TLS 1.0, TLS 1.1 TLS 1.2. , , SSL TLS 1.0, TLS 1.1 TLS 1.2 , :

, . "regedit" "" ( ).

. , "", "". , .

: . , , .

  • : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NetFramework\v4.0.30319
  • DWORD (32-) SchUseStrongCrypto. , "" 1, "" - . .
  • 4 5 : HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NetFramework\v4.0.30319
+1

The underlying connection was closed: An unexpected error occurred on a send., .Net 2.0/.NET 3.5 http- , IIS Windows 2012 R2.

. CSLA ( http- -), Windows 2012 R2 (IIS), SSL 3.0 TLS 1.0. IISCrypto, TLS. " ", TLS 1.0.

, .NET 2.0/3.5, . SecurityProtocolTypeExtensions.cs SslProtocolsExtensions.cs , - .

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolTypeExtensions.Tls11 | SecurityProtocolTypeExtensions.Tls12;

, - /.

0

Source: https://habr.com/ru/post/1613712/

More articles:


All Articles