none
set specific cipher suites RRS feed

  • General discussion

  • Hi,

    I need fully managed .Net SSL for socket communication. Hence, I am trying
    to use SSLStream for secure communications as provided in


    I also need a way to specify the CipherAlgorithm which will be used for
    the communications. But, the SSLStream documentation does not give any
    option to Set the CipherAlgorithm. It has only Get property for the
    CipherAlgorithm.

    Is there a way to set the CipherAlgorithm at individual application level
    when the SSLStream is used..?

    There is a for
    prioritizing the cipher suites. But, by changing the order of cipher
    suites using gpedit.msc, the application was not picking the specified
    first CipherAlgorithm.

    What I could see was, when Ssl3 was used in protocol options, the
    CipherAlgorithm was always RC4_SHA_US and when the Tls was used in
    protocol options, the cipherAlgorithm was always
    TLS_RSA_WITH_AES_128_CBC_SHA.  And the communication with the server was successful with these two. But, I have lot of other ciphers also, which i want the communication to succeed.

    Is there a way to change the CipherAlgorithms when SSLStream is used ..?
    Or Is there any other fully managed .Net way other than SSLStreams I can
    specify the CipherAlgorithm and use the SSL, without writing my own
    Encrypt/Decrypt message...?

    I am using Windows 7 Professional with Service Pack 1 on my system. 

    Thanks

    • Moved by Bill_Stewart Sunday, July 14, 2013 2:48 PM Moving to more appropriate forum
    • Changed type Min ZhuModerator Monday, July 22, 2013 7:55 AM
    Sunday, July 14, 2013 2:44 PM

All replies

  • Hi,

    I was also looking for a similar facility from SSLStream and the answer from Microsoft is that at the moment there's no property/method exposed from SSLStream class to set a CipherAlgorithm. All that is possible is to edit Windows Group Policy and set the CipherAlgorithm order with highest preferred on the top. To remind, any change to Group Policy requires machine reboot to take effect and these changes will be machine wide.

    Thursday, August 1, 2013 5:08 AM