SyntaxFix

[c#] Update .NET web service to use TLS 1.2

I need to use TLS 1.2 to connect from my .NET web service to another that is going to force TLS 1.2. I found a resource that said .NET 4.6 uses TLS 1.2 by default so that sounded like the easiest solution. I updated the .NET framework on the server and restarted. In IIS I tried to make an application pool using .NET 4.6 but 4.0 was the only option. Then I found something that said it would still say 4.0 because 4.6 is an "in place" update to .NET 4.0. So I thought maybe I was done. However on an error page that I got for unrelated reasons, it said Microsoft .NET Framework Version:4.0.30319 so it seems I have not successfully upgraded. Any pointers on how to make sure my application pool is using .NET 4.6, or more generally how to enable TLS 1.2?

This question is related to c# .net tls1.2

The answer is

PowerBI Embedded requires TLS 1.2.

The answer above by Etienne Faucher is your solution. quick link to above answer... quick link to above answer... ( https://stackoverflow.com/a/45442874 )

PowerBI Requires TLS 1.2 June 2020 - This Is your Answer - Consider Forcing your IIS runtime to get up to 4.6 to force the default TLS 1.2 behavior you are looking for from the framework. The above answer gives you a config change only solution.

Symptoms: Forced Closed Rejected TCP/IP Connection to Microsoft PowerBI Embedded that just shows up all of a sudden across your systems.

These PowerBI Calls just stop working with a Hard TCP/IP Close error like a firewall would block a connection. Usually the auth steps work - it is when you hit the service for specific workspace and report id's that it fails.

This is the 2020 note from Microsoft PowerBI about TLS 1.2 required

PowerBIClient

methods that show this problem

GetReportsInGroupAsync GetReportsInGroupAsAdminAsync GetReportsAsync GetReportsAsAdminAsync Microsoft.PowerBI.Api HttpClientHandler Force TLS 1.1 TLS 1.2

Search Error Terms to help people find this: System.Net.Http.HttpRequestException: An error occurred while sending the request System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

Add the following code before you instantiate your web service client:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Or for backward compatibility with TLS 1.1 and prior:

System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;

For me below worked:

Step 1: Downloaded and installed the web Installer exe from https://www.microsoft.com/en-us/download/details.aspx?id=48137 on the application server. Rebooted the application server after installation was completed.

Step 2: Added below changes in the web.config

<system.web>
    <compilation targetFramework="4.6"/> <!-- Changed framework 4.0 to 4.6 -->
    <!--Added this httpRuntime -->
    <httpRuntime targetFramework="4.6" />
</system.web>

Step 3: After completing step 1 and 2, it gave an error, "WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for 'jquery'. Please add a ScriptResourceMapping named jquery(case-sensitive)" and to resolve this error, I added below key in appsettings in my web.config file

<appSettings>
      <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>

if you're using .Net earlier than 4.5 you wont have Tls12 in the enum so state is explicitly mentioned here 

ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

Three steps needed:

  1. Explicitly mark SSL2.0, TLS1.0, TLS1.1 as forbidden on your server machine, by adding Enabled=0 and DisabledByDefault=1 to your registry (the full path is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols). See screen for details registry

  2. Explicitly enable TLS1.2 by following the steps from 1. Just use Enabled=1 and DisabledByDefault=0 respectively.

NOTE: verify server version: Windows Server 2003 does not support the TLS 1.2 protocol

  1. Enable TLS1.2 only on app level, like @John Wu suggested above.

    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Hope this guide helps.

UPDATE As @Subbu mentioned: Official guide

Source: Stackoverflow.com

Examples related to c#

How can I convert this one line of ActionScript to C#? Microsoft Advertising SDK doesn't deliverer ads How to use a global array in C#? How to correctly write async method? C# - insert values from file into two arrays Uploading into folder in FTP? Are these methods thread safe? dotnet ef not found in .NET Core 3 HTTP Error 500.30 - ANCM In-Process Start Failure Best way to "push" into C# array

Examples related to .net

You must add a reference to assembly 'netstandard, Version=2.0.0.0 How to use Bootstrap 4 in ASP.NET Core No authenticationScheme was specified, and there was no DefaultChallengeScheme found with default authentification and custom authorization .net Core 2.0 - Package was restored using .NetFramework 4.6.1 instead of target framework .netCore 2.0. The package may not be fully compatible Update .NET web service to use TLS 1.2 EF Core add-migration Build Failed What is the difference between .NET Core and .NET Standard Class Library project types? Visual Studio 2017 - Could not load file or assembly 'System.Runtime, Version=4.1.0.0' or one of its dependencies Nuget connection attempt failed "Unable to load the service index for source" Token based authentication in Web API without any user interface

Examples related to tls1.2

A fatal error occurred while creating a TLS client credential. The internal error state is 10013 Update .NET web service to use TLS 1.2 How to enable TLS 1.2 in Java 7 TLS 1.2 in .NET Framework 4.0 How to use TLS 1.2 in Java 6 NSURLSession/NSURLConnection HTTP load failed on iOS 9

Tags

Google-buzz Emotion Custom-post-type R Updown Pingdom Volatility Iis Return-by-reference Colorfilter Anonymous-delegates Xop Data-manipulation Sitecore5.2 Voicemail Cakephp-2.0 Const-char Multiple-value Jflex Wms 7zip No-response Xmltask Labelfunction Webpartpage Projectitem Argument-error Opc Operation-contract Windows-screensaver Eye-tracking Gui-toolkit End-to-end Multi-tenant Oracle-ucm Newid Primavera Behind Ms-access-2010 Constraintexception Rangevalidator Class-completion Command-timeout Bookmarklet Dcc32 Tmenuitem Placement-new Scatter-plot Addition Xsltc Codaset Manage.py Loginstatus Busy-loop Source-server Designer Wordpress So-linger Inventory Cgcolorspace Asp.net-cache Mysql-error-1264 Google-ajax-search-api Command-objects Itemcontainerstyle Browser-bugs Heap-fragmentation Dumping Celery Database-partitioning Dimensionality-reduction Android-compatibility Web-client Pligg Queue Quicklisp Dtsearch Portable-contacts Norm Log4perl End-of-line Erp Keypad Image-file Search-multiple-words Row Rokon Machine-translation Game-ai Flash-10 Twitpic Nstableview Winhelp Uisearchbardisplaycontrol Latex-suite Epl Json-c Supercomputers Diskspace Orthogonal