You need to sign in to do that
Don't have an account?
igress
.NET 4.0 TLS 1.0 Encryption
Hi ,
Since Salesforce Disabling TLS 1.0 Encryption, I am using .NET Framework 4.0 Webclient class to connect to salesforce.
var _webClient=new WebClient();
var content = new System.Collections.Specialized.NameValueCollection
{
{"grant_type", "password"},
{"client_id", clientId},
{"client_secret", clientSecret},
{"username", username},
{"password", password}
};
var responseBytes = _webClient.UploadValues(tokenRequestEndpointUrl, "POST", content);
var responseBody = Encoding.UTF8.GetString(responseBytes);
I know that System.Net.ServicePointManager.SecurityProtocol (https://msdn.microsoft.com/en-us/library/system.net.securityprotocoltype(v=vs.100).aspx)supports Tls (which is default choice) . But as you look at the link it says it is TLS1.0 protocol. How do I specify TLS1.1 and higher.
I cannot upgrade my existing solution to .NET4.5 since it is a huge undertaking. Is upgrading to .NET4.5 the only way because I see System.Net.ServicePointManager.SecurityProtocol (https://msdn.microsoft.com/en-us/library/system.net.securityprotocoltype(v=vs.110).aspx) supports TLS1.1 and 1.2.
Thanks
Related post: https://developer.salesforce.com/forums/ForumsMain?id=906F0000000BMX0IAO
Since Salesforce Disabling TLS 1.0 Encryption, I am using .NET Framework 4.0 Webclient class to connect to salesforce.
var _webClient=new WebClient();
var content = new System.Collections.Specialized.NameValueCollection
{
{"grant_type", "password"},
{"client_id", clientId},
{"client_secret", clientSecret},
{"username", username},
{"password", password}
};
var responseBytes = _webClient.UploadValues(tokenRequestEndpointUrl, "POST", content);
var responseBody = Encoding.UTF8.GetString(responseBytes);
I know that System.Net.ServicePointManager.SecurityProtocol (https://msdn.microsoft.com/en-us/library/system.net.securityprotocoltype(v=vs.100).aspx)supports Tls (which is default choice) . But as you look at the link it says it is TLS1.0 protocol. How do I specify TLS1.1 and higher.
I cannot upgrade my existing solution to .NET4.5 since it is a huge undertaking. Is upgrading to .NET4.5 the only way because I see System.Net.ServicePointManager.SecurityProtocol (https://msdn.microsoft.com/en-us/library/system.net.securityprotocoltype(v=vs.110).aspx) supports TLS1.1 and 1.2.
Thanks
Related post: https://developer.salesforce.com/forums/ForumsMain?id=906F0000000BMX0IAO
There are a couple of options for .NET 4.0 listed in Are there .NET implementation of TLS 1.2? (http://stackoverflow.com/q/4137106/54026). You would be doing COM to schannel.dll (http://msdn.microsoft.com/en-us/library/aa380516%28v=VS.85%29.aspx) or using a third party product (http://stackoverflow.com/a/4138158/54026).
In my opinion, upgrading the .NET framework would be less error prone than those approaches.
All Answers
There are a couple of options for .NET 4.0 listed in Are there .NET implementation of TLS 1.2? (http://stackoverflow.com/q/4137106/54026). You would be doing COM to schannel.dll (http://msdn.microsoft.com/en-us/library/aa380516%28v=VS.85%29.aspx) or using a third party product (http://stackoverflow.com/a/4138158/54026).
In my opinion, upgrading the .NET framework would be less error prone than those approaches.
Windows 7 or higher as well as Windows Server 2008 R2 and higher are required for TLS 1.1 and TLS 1.2 support. Is your operating system at that level or higher? If it's an earlier version of Windows or Windows Server, you will need to upgrade to a newer version to get support for TLS 1.1 and TLS 1.2.
It's possible that your unmodified application may support TLS 1.1 and TLS 1.2 when run in Windows 7 or higher or Windows Server 2008 R2 or higher, though it depends heavily on the details of the .NET library and the application. If the application is specifying the TLS protocols to enable, then it may just remain as TLS 1.0 in Windows 7 or higher or Windows Server 2008 R2 or higher. Hopefully, there is a way to be general about it rather than specifying the exact protocols to use, and I hope that .NET can use the operating system's configured default TLS client settings in that scenario.
The TLS settings at the operating system level are different from the TLS/SSL settings used in Internet Explorer. I created a group policy template at https://www.moonlightdesign.org/TLS-SSL-Protocols last year that can configure the operating system level settings (unofficial and not related to Salesforce), which updates the registry keys in HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\* .