Remove From My Forums

SslStream.SslProtocol always returns TLS (TLS 1.0)

Question
0

Sign in to vote

Trying to retrieve encryption connection details from website. Below is the code.

string strWebsiteName = "social.msdn.microsoft.com"
TcpClient _myClient = new TcpClient();
SslStream _myStream;
_myClient.Connect(strWebsiteName, 443);
_myStream = new SslStream(_myClient.GetStream());
_myStream.AuthenticateAsClient(strWebsiteName);

Console.WriteLine("SSL Protocol : " + _myStream.SslProtocol.ToString().ToUpper());

Though social.msdn.microsoft.com uses TLS 1.2, the code returns TLS which is TLS 1.0. Can anyone help where I am missing.

Monday, January 11, 2016 6:11 PM

Answers

0

Sign in to vote
Thank you Albert. I was able to get an answer. Below is the snippet. We can include desired protocol version and it returns the highest version supported.

_myStream.AuthenticateAsClient(strWebsiteName, new X509CertificateCollection(),SslProtocols.Tls12 | SslProtocols.Tls11 |SslProtocols.Default,false);
- Proposed as answer by Albert_Zhang Tuesday, January 19, 2016 10:21 AM
- Marked as answer by Kristin Xie Wednesday, January 20, 2016 1:57 AM
Tuesday, January 12, 2016 7:26 AM

All replies

0

Sign in to vote

Hi Jagadheesh Venkatesan,

>> Though social.msdn.microsoft.com uses TLS 1.2, the code returns TLS which is TLS 1.0. Can anyone help where I am missing.

According to the following link that’s about the Remarks for SslStream.AuthenticateAsClient Method (String) you could know that this method use Default SslProtocol to authenticate. So the SslProtocol would always be Transport Layer Security (TLS) 1.0 if your client has enable it. About why it would not be Secure Sockets Layer (SSL) 3.0, you should know that the SSL server would return the highest version supported by both peers.

https://msdn.microsoft.com/en-us/library/ms145060(v=vs.110).aspx#Anchor_2

Best Regards,

Albert Zhang

Tuesday, January 12, 2016 4:26 AM
0

Sign in to vote

Btw, althougth not specified in your code, just want to point out that if you want to run it on a system without .NET 4.5+ version of runtime installed, TLS1.0 is the best you can get (TLS1.1 and TLS1.2 support is added in .NET v4.5).

Tuesday, January 12, 2016 6:04 AM

Answerer
0

Sign in to vote
Thank you Albert. I was able to get an answer. Below is the snippet. We can include desired protocol version and it returns the highest version supported.

_myStream.AuthenticateAsClient(strWebsiteName, new X509CertificateCollection(),SslProtocols.Tls12 | SslProtocols.Tls11 |SslProtocols.Default,false);
- Proposed as answer by Albert_Zhang Tuesday, January 19, 2016 10:21 AM
- Marked as answer by Kristin Xie Wednesday, January 20, 2016 1:57 AM
Tuesday, January 12, 2016 7:26 AM
0

Sign in to vote

Yes Cheong. Working on .NET 4.5.1

Tuesday, January 12, 2016 7:28 AM
0

Sign in to vote

Hi Jagadheesh Venkatesan,

I am glad to know you solved this problem and thanks for sharing the solution.

It will be very beneficial for other community members who have the similar questions.

Best Regards,

Albert Zhang
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Tuesday, January 19, 2016 10:21 AM

Answered by:

SslStream.SslProtocol always returns TLS (TLS 1.0)

Question

Answers

All replies