none
TLS 1.2 RRS feed

  • Question

  • Hi ,

    Is there anyway to support TLS 1.2 from .net framework 3.5?

    I'm unable to download files from server which uses TLS 1.2 using WebClient and HttpWebRequest. It works fine with server which user TLS 1.0. Migrating to .net framework 4.5 is not an option since it is not supported in Windows XP. Correct me if I'm wrong?

    Please suggest.

    Thanks,

    Navyatha


    Navyatha

    Friday, February 7, 2014 6:02 AM

Answers

All replies

  • Hello,

    >> Is there anyway to support TLS 1.2 from .net framework 3.5?

    Unfortunately, TLS 1.2 is not supported by .net framework 3.5. TLS 1.2 can only supported by 4.5.

    Support Scope from 3.5:

    http://msdn.microsoft.com/en-us/library/system.security.authentication.sslprotocols(v=vs.90).aspx

    Support Scope from 4.5:

    http://msdn.microsoft.com/en-us/library/system.security.authentication.sslprotocols(v=vs.110).aspx

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, February 10, 2014 6:57 AM
    Moderator
  • We have recently added a feature for .Net 3.5 allowing applications to optionally use system-default SSL and TLS versions, including TLS 1.2, rather than the versions of TLS now used by default in .Net 3.5.

    To use this feature, you must first install a patch that is specific to each version of Windows, as described in the KB articles below, and then modify the registry as described in each KB article.

     KB3154518

    Reliability Rollup HR-1605 - NDP 2.0 SP2 - Win7 SP1/Win 2008 R2 SP1

     KB3154519

    Reliability Rollup HR-1605 - NDP 2.0 SP2 - Win8 RTM/Win 2012 RTM

     KB3154520

    Reliability Rollup HR-1605 - NDP 2.0 SP2 - Win8.1RTM/Win 2012 R2 RTM

     KB3156421

    1605 HotFix Rollup through Windows Update for Windows 10.



    Monday, November 21, 2016 6:39 PM
  • Hi,

        We have developed a .net client in .net version 3.5 SP1 and which is distributed to many users. When we tested after upgrading our servers to TLS1.2, the web service call from the client failed. So, from the above message just taking the patch is good enough or any coding need to be done?.I am not that familiar with .NET.

    Also, will this work if we distribute this client to other users who work in different windows version?.

    Moving to 4.5 is the last option which requires a full client rewrite I think.

    Thank you

    Tuesday, April 11, 2017 4:36 PM
  • I was able to do this by setting a flag

    'imports System.Security.Authentication, System.Net
    Const _Tls12 As SslProtocols = DirectCast(&HC00, SslProtocols)
    Const Tls12 As SecurityProtocolType = DirectCast(_Tls12, SecurityProtocolType)
    ServicePointManager.SecurityProtocol = Tls12

    https://stackoverflow.com/a/44893192/2559297

    Monday, July 3, 2017 8:35 PM
  • I need to be able to implement a fix for a 3.5 targeted application so that it is able to target a Service end point that only support TLS V1.2 -> without a re-compile to change this setting:

    ServicePointManager.SecurityProtocol = Tls12

    These 3.5 applications are already compiled and distributed. I have followed http://support.microsoft.com/kb/3154518

    with no success.

    Does anybody have this scenario working?

    Thanks.

    Tuesday, September 12, 2017 3:53 PM
  • After installing the patch, SChannel will use the highest TLS version supported in the system instead of the version specified in your code to do the encryption if the registry key specified in the KB article is set. No change in code is required.
    Wednesday, September 13, 2017 1:10 AM
    Answerer
  • Hello,

    Since this post there have been a few versions of Windows 10 released. The KB for Windows10 will not install on newer versions. Is there another KB specific to TLS 1.2 issues that will work for versions 1607, 1703, or 1709?

    Thursday, December 14, 2017 2:21 PM
  • Hi ,

    We have a click once WPF with WCF application developed in .net 3.5 , the application communicates with a client who have updated their TSL 1.0 to TSL 1.2.

    As suggested by you I tried installing the patch on my machine which is Windows 7 SP1 but then it would give the message "The update is not applicable to your computer". could you please guide what I would need to do inorder to get this patch installed.

    I have different .net frameworks installed on my machine and  windows update is also up to date.

    Looking forward for help from you

    Thursday, February 8, 2018 11:52 AM
  • I'm having this exact same issue myself.  I have a dev box which successfully installed the hotfix, but my production box says "The update is not applicable to your computer."  Both are fully patched Windows Server 2012R2, so I'm using KB3154520.  

    I've decided to open a premier support call in case the update was somehow superseded by another that I'm unfamiliar with, since I updated dev much earlier than prod.

    With Azure finally drawing a line in the sand with TLS 1.0, this is going to be a much bigger deal for me soon as far as connecting to/from Azure services.

    Thursday, February 15, 2018 10:01 PM
  • I'm having this exact same issue myself.  I have a dev box which successfully installed the hotfix, but my production box says "The update is not applicable to your computer."  Both are fully patched Windows Server 2012R2, so I'm using KB3154520.  

    I've decided to open a premier support call in case the update was somehow superseded by another that I'm unfamiliar with, since I updated dev much earlier than prod.

    With Azure finally drawing a line in the sand with TLS 1.0, this is going to be a much bigger deal for me soon as far as connecting to/from Azure services.

    Hi Jake0886,

    can you tell me if you had some answers from the 'premier support call'?

    I need to download some https content from the above server using .Net 3.5 SP1 and I have exactly the same issue while trying to install KB3154520 on Microsoft Windows Server 2012 R2 Standard, Version 6.3.9600 Build 9600.

    Thanks.

    Wednesday, March 14, 2018 9:32 AM
  • Just curious... did you ever get a response from Preimere Support? I'm having the exact same problem.

    Thanks,

    Tim

    Thursday, April 5, 2018 3:51 PM
  • Hi,

    My customer have same "The update is not applicable to your computer" issue with KB3154520 in W2012R2, so would like to know what is the Premier support answer to this. Thanks!

    Pete

    Tuesday, April 17, 2018 7:09 AM
  • We never heard anything back from anyone, so we went ahead and applied the registry change which seemed to work. My guess is that the update must have gotten included in a previous update and maybe isn't needed anymore if you're fully patched. Regardless, we've confirmed that the .net 3.5 app only supports TLS v1.2 so hopefully that helps for you.
    Tuesday, April 17, 2018 1:25 PM