Last post Sep 10, 2018 03:43 PM by ryan108
Sep 07, 2018 01:00 PM|ryan108|LINK
There is a bunch of current web references in my WPF application that were generated using the "add web reference" option in Visual Studio. However I am trying to enforce https on callings these web services using TLS1.2 (already done work on server side).
I have done all the cert imports and I can access the WSDL over https fine on the web browsers. Application works if I enable tls1.0 on the server side, but when I disable I just get the error occurred on send "An existing connection was forcibly closed by
the remote host". Is there a setting I have to set in the app.config to enforce tls1.2?
Sep 07, 2018 01:15 PM|mgebhard|LINK
The recommendation is targeting a .NET framework (4.7 or later) that supports TLS 1.2.
Sep 07, 2018 03:15 PM|ryan108|LINK
Thanks. I thought 4.5 would have worked. Anyway I used 4.7 as the target but then got error "The client and server cannot communicate, because they do not possess a common algorithm". I can work around this by enabling "FIPS compliant algorithms" in the
Local Security Policy, but doing this can be problematic elsewhere and is advised not to be used. I'm not sure why I need to enable this to get it to work
Sep 07, 2018 04:15 PM|mgebhard|LINK
Did you update the service and the client target framework? Maybe the new error is related to a DB connection?
Sep 07, 2018 04:29 PM|ryan108|LINK
Yes the target framework is the same on both. It's not a dbconnection issue as I can get the soap service to work over https in Java fine.
Sep 08, 2018 11:18 AM|PatriceSc|LINK
From the link posted earlier (are you in this case ?) :
These versions of the WCF framework are hardcoded to use values SSL 3.0 and TLS 1.0. These values cannot be changed. You must update and retarget to NET Framework 4.6 or later versions to use TLS 1.1 and 1.2.
Sep 10, 2018 08:43 AM|ryan108|LINK
I was using 4.5.2 but changed the target framework to 4.7.2 in the properties of project. However am now getting error "The client and server cannot communicate, because they do not possess a common algorithm". I can work around this by enabling "FIPS compliant
algorithms" but that is not ideal
Sep 10, 2018 09:51 AM|ryan108|LINK
Huh. So I'm getting this issue when using the VS debugger. If I launch the exe from the Debug folder directly I don't have this issue. Odd
Sep 10, 2018 03:43 PM|ryan108|LINK
I upgraded to Visual Studio 2017 (was using 2013) and all is working now