Hello.
we would like to disable tls 1.0 & 1.1 and
vulnerable cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048).
does .net remoting sdk supports tls and cipher suites configuration?
Hi,
No, it doesn’t support.
Nowadays, it is hardcoded as
private static System.Security.Authentication.SslProtocols GetTlsSecurityProtocol()
{
var protocol = System.Security.Authentication.SslProtocols.Tls;
protocol = SslConnection.TryAddSslProtocol(protocol, "Tls11");
protocol = SslConnection.TryAddSslProtocol(protocol, "Tls12");
protocol = SslConnection.TryAddSslProtocol(protocol, "Tls13");
return protocol;
}
Logged as bugs://E26735.
I’ve logged an issue to look at making this configurable (and possibly changing the default of including 1.0 and 1.1).