
Force TLS version to at least 1.1

Open pozil opened this issue 8 years ago • 9 comments

By default .NET uses TLS 1.0 but since Summer 16, connections are only allowed with TLS 1.1 or above.

When testing the console sample app, connections using TLS 1.0 will be rejected with a really unclear error message: "retry your request".

Please add a test to prevent the connection being established with an insufficient TLS version or force a default version.

pozil avatar Aug 09 '16 18:08 pozil

To be clear, .NET < 4.6 uses TLS 1.0, you should be set if you use >= 4.6. I do not, and needed a very quick (non-portable) solution to the problem, maybe it can help you out for the time being? If not no worries, this should really be fixed in the main repo though.

(edit: wrong .NET version)

jcalabro avatar Aug 19 '16 15:08 jcalabro

@jcalabro Why fork and not submit a pull request with fixes for others to use?

wadewegner avatar Aug 19 '16 15:08 wadewegner

@pozil That's a good suggestion.

wadewegner avatar Aug 19 '16 15:08 wadewegner

I ruined the portability of it, and I don't currently have the time to make a portable solution unfortunately :/

jcalabro avatar Aug 19 '16 15:08 jcalabro

@jcalabro Understood. If you'll point out the significant updates I'd be happy to take them into consideration and update if possible (while keeping it portable).

wadewegner avatar Aug 19 '16 15:08 wadewegner

Certainly. Quick note, I renamed the projects and removed the ones I didn't need in the fork to avoid confusion about which .dll I'd be referencing in my projects in the future, sorry if that throws you off.

This was a very helpful SO post that got me pointed in the right direction (I spent a while trying to debug this issue beforehand).

The only code I changed was a single line addition in CommonLibrariesForNETNonPortable/AuthenticationClient.cs on line 34, on which I simply inserted

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

I simply haven't done enough research to know whether or not there's a cross-platform implementation of TLS >1.0; I've never written for any .NET platform other than the .NET framework :). A quick google search doesn't bring much up unfortunately, but I bet you know better than I do.

jcalabro avatar Aug 19 '16 15:08 jcalabro
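
An added example, not code from the Toolkit or from any commenter: a variant of the one-line workaround above that keeps TLS 1.0 switched off and fails at startup if the process could still negotiate it. It assumes .NET Framework 4.5 or later (where `Tls11` and `Tls12` exist); `TlsPolicy` and its members are hypothetical names.

```csharp
using System;
using System.Net;

// Added example; TlsPolicy, Harden, AssertMinimum and Enforce are hypothetical names.
public static class TlsPolicy
{
#pragma warning disable CS0618 // Ssl3 is marked obsolete on newer frameworks
    // SSL 3.0 and TLS 1.0: below the TLS 1.1 minimum described in this issue.
    private const SecurityProtocolType Weak =
        SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls;
#pragma warning restore CS0618

    private const SecurityProtocolType Required =
        SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

    // Pure function: clears the weak bits, sets the required ones, and keeps
    // any newer protocol bits that were already enabled.
    public static SecurityProtocolType Harden(SecurityProtocolType current)
    {
        return (current & ~Weak) | Required;
    }

    // The check the issue asks for: refuse to run with an insufficient setting.
    public static void AssertMinimum(SecurityProtocolType configured)
    {
        if ((configured & Weak) != 0)
            throw new InvalidOperationException(
                "SSL 3.0 or TLS 1.0 is still enabled: " + configured);
        if ((configured & Required) == 0)
            throw new InvalidOperationException(
                "Neither TLS 1.1 nor TLS 1.2 is enabled: " + configured);
    }

    // Call once at startup (Main, or Application_Start in Global.asax).
    // ServicePointManager.SecurityProtocol applies to the whole AppDomain.
    public static void Enforce()
    {
        ServicePointManager.SecurityProtocol =
            Harden(ServicePointManager.SecurityProtocol);
        AssertMinimum(ServicePointManager.SecurityProtocol);
    }
}
```

Because the setting is AppDomain-wide, calling `Enforce()` before the first `AuthenticationClient` request also changes the protocols used by every other `HttpWebRequest`-based client in the same process.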

Unfortunately, I ended up working on a legacy .NET version (2.0) so I had to give up using this integration project.

However, before realizing that the .NET version would be an issue I came to the same conclusion as @jcalabro.

pozil avatar Aug 19 '16 15:08 pozil

Found the same solution as @jcalabro, except I placed it in the Global.asax for the Web App. I wasn't able to insert it into the PCL since it was missing a reference and I wanted a solution that I could use with the Nuget libraries right away.

richhosek avatar Sep 07 '16 20:09 richhosek

I have created a pull request (#231) which addresses this issue as well as a couple others I ran into getting this project running.

migasj avatar Nov 21 '16 22:11 migasj