我们有一个与WCF实现客户端的Web应用程序。此客户端使用SSL_LVL3使握手与外部的服务。原来,该服务只禁用SSL_LVL3,所以我们需要将其更改为TLS 1.0。 有一种方法来强制TLS安全在C#中:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
但它改变了由应用程序使用的所有服务的安全性,而不是所有的服务接受TLS。
我们想的是改变的web.config迫使WCF服务使用TLS。有没有办法做到这一点。
这是该服务的绑定:
<绑定名称=XXXXcloseTimeout =00:01:00openTimeout =00:01:00 receiveTimeout =00:10:00 的SendTimeout =00:01:00allowCookies =false的 bypassProxyOnLocal =假NameComparisonMode =StrongWildcard maxBufferPoolSize =524288MAXBUFFERSIZE =655360 maxReceivedMessageSize = 655360textEncoding =UTF-8 transferMode =缓冲useDefaultWebProxy =真正的 messageEncoding =TEXT> <安全模式=运输/> < /&结合GT;解决方案
< customBinding> <绑定名称=CusSoap> < sslStreamSecurity requireClientCertificate =真sslProtocols =SSL3 | TLS | Tls11 | Tls12/> < /&结合GT;
但它是在Visual可用工作室2015(.Net框架4.5.2)
We have a web app that has a client implemented with WCF. This client uses SSL_LVL3 to make the handshake with an external service. It turns out that the service just disabled the SSL_LVL3, so we need to change it to TLS 1.0. There is a way to force TLS security in C#:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;But it changes the security of all the services that are used by the app and not all the services accept TLS.
What we would like is to change the web.config to force the WCF service to use TLS. Is there any way to do this?
This is the binding of the service:
<binding name="XXXX" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" NameComparisonMode= "StrongWildcard" maxBufferPoolSize="524288" maxBufferSize="655360" maxReceivedMessageSize="655360" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true" messageEncoding="Text"> <security mode="Transport" /> </binding>解决方案 <customBinding > <binding name="CusSoap"> <sslStreamSecurity requireClientCertificate="true" sslProtocols="Ssl3|Tls|Tls11|Tls12" /> </binding>
But it is available in Visual Studio 2015(.Net Framework 4.5.2)
更多推荐
武力配置在WCF客户端C#TLS 1.0使用
发布评论