如何在Asp.Net Core 3.1中启用TLS 1.2

本文介绍了如何在Asp.Net Core 3.1中启用TLS 1.2的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在研究Asp.Net Core 3.1项目.我正在本地测试.我开始收到错误消息，

您的连接不完全安全该网站使用了过时的安全性配置，当它发送到该网站时，可能会暴露您的信息(例如，密码，消息或信用卡).NET :: ERR_SSL_OBSOLETE_VERSION

用于加载此站点的连接使用TLS 1.0或TLS 1.1，已弃用，以后将被禁用.一旦禁用，将阻止用户加载该网站.服务器应启用TLS 1.2或更高版本.

我什至从Program.cs启用了TLS 1.2，如下所示-

公共静态IHostBuilder CreateHostBuilder(string [] args)=>Host.CreateDefaultBuilder(args).ConfigureWebHostDefaults(webBuilder =>{webBuilder.ConfigureKestrel(serverOptions =>{serverOptions.ConfigureHttpsDefaults(co =>{co.SslProtocols = SslProtocols.Tls12;});}).UseStartup< Startup>();});

但仍然是相同的错误.

能否请您指导如何解决此问题?

解决方案

为了解决该错误，我尝试使用

最终，我偶然发现了与

共享的文章

Windows 7支持TLS 1.1和TLS 1.2.但是这些协议版本默认情况下未启用该功能.在Windows 8及更高版本上，协议默认为启用.

因此，这是导致错误的真正原因.我通过从注册表编辑器启用TLS 1.2来解决此问题.甚至Microsoft也建议使用相同的解决方案.

希望它可以节省别人的时间.

I am working on Asp.Net Core 3.1 project. I am testing locally. I started getting errors as

Your connection is not fully secure This site uses an outdated security configuration, which may expose your information (for example, passwords, messages or credit cards) when it is sent to this site. NET::ERR_SSL_OBSOLETE_VERSION

The connection used to load this site used TLS 1.0 or TLS 1.1, which are deprecated and will be disabled in the future. Once disabled, users will be prevented from loading this site. The server should enable TLS 1.2 or later.

I have even enabled TLS 1.2 from Program.cs as below -

public static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args) .ConfigureWebHostDefaults(webBuilder => { webBuilder.ConfigureKestrel(serverOptions => { serverOptions.ConfigureHttpsDefaults(co => { co.SslProtocols = SslProtocols.Tls12; }); }).UseStartup<Startup>(); });

But still same error.

Can you please guide how to resolve this issue?

解决方案

In order to fix the error, I tried with the solution. That didn't help. The method I tried was suggested here which, as per author, seem to work for ASP.NET Core 2.0 only.

I take look over configuration options and found that by default ASP.NET Core 3.1 uses TLS 1.1 and TLS 1.2 for requests. So, we need nothing to do from code end.

Eventually, I stumbled over an article that shares-

Windows 7 supports TLS 1.1 and TLS 1.2. But these protocol versions are not enabled on it by default. On Windows 8 and higher these protocol are enabled by default.

So, this was the real cause of the error. I fixed the issue by enabling TLS 1.2 from the registry editor. Even Microsoft suggested the same solution.

Hope it saves somebody else's time.