Disable TLS on SQL-Connection in ASP.NET Core

Question

I'm using Microsoft.Data.SqlClient for dealing with MS SQL-Server connections. Now, for debug reasons I need to temporarily disable TLS encryption of the SqlConnection so I can monitor it with wireshark.

Setting "encrypt=false" in connection string had no effect. Since the SQL Server instance isn't in my field of responsibility I cannot modify anything there.

Is there a way to disable connection security?

Answer 1

According to Microsoft:

To disable the TLS 1.2 protocol, create an Enabled entry in the appropriate subkey. This entry does not exist in the registry by default. After you have created the entry, change the DWORD value to 0. To enable the protocol, change the DWORD value to 1.

Registry paths for TLS 1.2:

HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client

TLS 1.2 subkey table:

Here is the C# sample code:

using Microsoft.Win32;

string subkeyTLS = @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2";
Registry.SetValue(subkeyTLS, "DisabledByDefault", 1, RegistryValueKind.DWord);
Registry.SetValue(subkeyTLS, "Enabled", 0, RegistryValueKind.DWord);

string subkeyTLSClient = @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client";
Registry.SetValue(subkeyTLSClient, "DisabledByDefault", 1, RegistryValueKind.DWord);
Registry.SetValue(subkeyTLSClient, "Enabled", 0, RegistryValueKind.DWord);