Last post Apr 11, 2018 02:26 AM by Brando ZWZ
Apr 05, 2018 01:31 PM|iDeveloper|LINK
I was tasked to upgrade our web server to only utilize TLS1.2, etc. One of our existing web application suddenly stops functioning. After reviewing the source code, I have noticed that it is using a System.Net.Mail SMTP and the error exception was Schannel
related error msg. After googling, once recommended fix is to enable FIPS in the local security policy. This counter our security initiative and ensure our system is running with adequate security and compliance with OWASP standards.
I am wondering if there is another alternative or workaround without me enabling FIPS mode - in programmatically or configuration on the server.
Apr 11, 2018 02:26 AM|Brando ZWZ|LINK
As far as I know, the iis SMTP is extremely limited, you should use postfix or exchange or an email API solution like mailgun.
Or I suggest you could try below solution.
In the application code, add the following line of code when the application starts (e.g., Application_Start for a System.Web.Http.Application)
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;