Giallo
Reputation: 795
Any way to restrict ASP.NET Core 2.0 HTTPS to TLS 1.2?
I have an ASP.NET Core 2.0 REST server running fine, but I need to restrict access to TLS1.2 - how do I do this? Can't seem to find any documentation on it. Server is running on Kestrel. Thanks!
Upvotes: 8
Views: 15032
Answers (3)
Keshab
Reputation: 256
In .NET Core 3.1, you can force TLS 1.2 by adding code below inside ConfigureWebHostDefaults in Program.cs
webBuilder.UseKestrel(opt =>
{
opt.AddServerHeader = false;
opt.ConfigureHttpsDefaults(s =>
{
s.SslProtocols = SslProtocols.Tls12;
});
});
Image below for full code visiblity:
Upvotes: 0
Greg
Reputation: 181
.NET Core 2.1 Kestrel config:
.UseKestrel(c =>
{
c.ConfigureHttpsDefaults(opt =>
{
opt.SslProtocols = SslProtocols.Tls12;
});
})
Upvotes: 6
Kirk Larkin
Reputation: 93053
There's a UseHttps overload that allows you to provide a HttpsConnectionAdapterOptions instance to configure this. Here's an example of what this might look like in your case:
listenOptions.UseHttps(new HttpsConnectionAdapterOptions
{
...
SslProtocols = SslProtocols.Tls12
});
For reference, SslProtocols defaults to SslProtocols.Tls12 | SslProtocols.Tls11.
Upvotes: 17
Related Questions
- Forcing .NET application to use TLS 1.2 or later
- Enabling TLS1.2 or TLS1.3 in c# asp.net core 3.1
- Anyway to restrict Owin HTTPS to TLS 1.2?
- How to implement TLS 1.2 in ASP.Net Core 2.0
- How to enable TLS 1.2 in Asp.Net Core 3.1
- How to ignore SSL validation in .net core 2.1
- How to enable TLS 1.2 for API call in ASP.NET 2.0 application?
- How to use TLS 1.2 in ASP.NET Core 2.0
- Use SSL Certificate in ASP.NET Core 2.1 while Developing
- Enable TLS 1.2 on .NET 4.5.1