How to implement "SecurityProtocolType.Ssl, Ssl1, Ssl2, Ssl3; " through web.config not in global.asax.cs

Question

My question is simple, I have read these two main pages :

• The request was aborted: Could not create SSL/TLS secure channel
• MSDN - Element

But from the first link, it's showing configuration for SecurityProtocol set in global.asax.cs for solving

"System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel."

Here, I want this config is set in web.config / app.config, just for making it a little specific for own project not for all asp.net projects... Then I think the second link {msdn.microsoft.com.....} is the way, but the SSL/TLS error is still there... So my question how to implement following through web.config?

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
        | SecurityProtocolType.Tls11
        | SecurityProtocolType.Tls12
        | SecurityProtocolType.Ssl3;

I have read this page too Force by config to use tls 1.0 in a wcf client c#, but there are no answers.

and then... I just found these pages :

• https://msdn.microsoft.com/en-us/library/ms731328(v=vs.110).aspx
• https://msdn.microsoft.com/en-us/library/ms731377(v=vs.100).aspx

then I implement my custom binding like this :

<customBinding >
      <binding name="SureTaxSoap">                  
           <sslStreamSecurity requireClientCertificate="true"   sslProtocols="Ssl3|Tls|Tls11|Tls12" >                    
                </sslStreamSecurity>
            </binding>
</customBinding>

but sslProtocols="Ssl3|Tls|Tls11|Tls12" is unidentified

Answer 1

Enum.Parse通常，枚举是使用或从 web.config 中的字符串转换而来Enum.TryParse。我预计（但尚未检查参考源来确认）WCF 设置也是如此。

Enum.Parse使用逗号分隔基于标志的枚举值，但如果需要，也可以将等效的整数值解析为字符串。

因此，如果您的问题是在 web.config 设置中连接基于标志的枚举值，您可以使用逗号分隔来实现此目的，例如：

sslProtocols="SSl3, Tls"
sslProtocols="SSl3, Tls, Tls11, Tls12"

或者，如果您的问题是这Tls12不是一个可识别的值，那么这只是在 .NET 4.5 中添加的。如果您正在针对 .NET 4.0 进行编译，则它不会解析为命名枚举。但是，.NET 4.5 是 4.0 的就地更新，因此如果您安装了4.5 ，您也许能够解析数值：

sslProtocols="4080"

这是从枚举的所有数值的总和中获取的System.Net.SecurityProtocolType。System.Security.Authentication.SslProtocols这些数值也与和中的值相同System.IdentityModel.SchProtocols，因此我猜测它们在您的情况下是相同的。

Ssl3 = 48,
Tls = 192,
Tls11 = 768,
Tls12 = 3072

当然，如果您可以使用它，那么至少升级到 Visual Studio 2012 / .NET 4.5 可能会更清晰，其中命名字符串应该可用。

Answer 2

我也经历过同样的事情，并且我只使用一种 SSL/TLS 协议就让它工作了。

例如，如果您需要最强的安全协议，请使用 sslProtocols="Tls12"。

否则，如果我们不需要指定SSL协议，则默认为.Net4.5中的TLS1