英文:
AppService Azure Cloud - Force TLS 1.2 outbound - C#
问题
抱歉,我的英文可能不太准确。
在Azure云中,我遇到了TLS协议的问题。
当我尝试向西班牙税务局的外部Web服务发出请求时,它返回以下消息:请求被取消:无法创建安全的SSL/TLS通道。
在本地环境中进行测试时,我使用以下语句解决了这个问题:System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
但是相同的源代码在Azure AppService中不起作用。
我如何强制Azure使用这个协议?
我没有访问客户端环境的权限,只能使用Azure门户。
AppService - ASP.NET 4.8 Framework 4.5.2
我修改了Web.Config的targetFramework字段的值为4.7.2,但没有变化。
英文:
First of all, apologies if my english is not quite correct.
I'm having a problem with the TLS protocol in the Azure cloud.
When I try to make a request to an external web service of the Spanish Tax Agency, it returns the following message: The request was cancelled: A secure SSL/TLS channel could not be created.
Testing in a local environment, I solved this with the following statement: System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
But the same source code doesn't work in the Azure AppService.
How do I force the protocol for Azure?
I don't have access to a client environment, only the azure portal.
AppService - ASP.NET 4.8 FrameWork 4.5.2
Modify the value of the Web.Config targetFramework field to 4.7.2, but no changes
答案1
得分: 1
感谢 @jdweng 的评论
> 在本地环境中进行测试,我通过以下语句解决了这个问题:System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12; 但是相同的源代码在Azure AppService中不起作用。
为了解决这个问题,请尝试手动升级应用服务的TLS版本:
进入您的 Web App=>设置=>配置=>常规设置=> 选择TLS 1.2
如下所示:
Web.Config:
注意:
-
.NET Framework 4.7 (或更高版本) 使用操作系统设置来确定SSL/TLS连接的默认安全协议。
-
如官方的 MSDOC 中所述,在.NET Framework应用程序中硬编码和指定TLS版本并不是最佳做法。
英文:
Thanks for the comments @jdweng
>Testing in a local environment, I solved this with the following statement: System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12; But the same source code doesn't work in the Azure AppService.
To resolve this, try to upgrade TLS version of your app service manually:
Go to your Web App=>settings=>configuration=>General Settings=> Select TLS 1.2
as shown below:
Web.Config:
Note:
-
.NET Framewok 4.7 (or) later versions uses the OS settings to determine the default security protocol for SSL/TLS connections.
-
As mentioned in the official MSDOC, it is not best practice to hard code and specify TLS version in .NET framework application.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论