问题描述
我有一个发送传出请求的 WCF 服务.目前它使用 SSL 3.0
或 TLS 1.0
.
I have a WCF service which sends an outgoing request. Currently it is using SSL 3.0
or TLS 1.0
.
我向其发送请求的服务现在只接受 TLS 1.2
.
The service I am sending the request to now only accepts TLS 1.2
.
我可以在请求之前(以及每个请求)设置 SecurityProtocolType
,但我希望它对所有传出请求使用 TLS 1.2
,而无需指定对于每个请求.
I can set the SecurityProtocolType
just before the request (and for each request), but I would like it to use TLS 1.2
for all outgoing requests without having to specify it for each request.
此代码为请求正确设置:
This code sets it correctly for the request:
<OperationContract(), WebGet(UriTemplate:="...")>
Public Function SomeService()
System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType) 3072; // 3072 is TLS 1.2
// Do request
End Function
但我看不到如何将 WCF 设置为对所有请求使用 TLS 1.2
.我曾尝试将上述语句放入 Global.asax
中的 Application_Start
和 Application_BeginRequest
中,但是到执行请求时,SecurityProtocol
回到 SSL3/TLS1.0
But I cannot see how to set WCF to use TLS 1.2
for all requests. I have tried placing the above statement into Application_Start
and Application_BeginRequest
in Global.asax
, but by the time it comes to doing the request, SecurityProtocol
is back to SSL3/TLS1.0
推荐答案
如果您有权访问注册表,则可以应用以下项:注册表键
If you have access to the registry you can apply the following key:registry key
这会在传输层的 Windows 级别强制执行 TLS 1.2,因此您无需更改任何代码.
This enforces TLS 1.2 at the Windows level of the Transport Layer so you don't need to change any code.
这些是上面文件中更改的键:
These are the keys changed in the above file:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
这篇关于在所有连接上强制 ServicePointManager.SecurityProtocol 为 TLS 1.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!