Any way to restrict ASP.NET Core 2.0 HTTPS to TLS 1.2?
12,323
Solution 1
There's a UseHttps
overload that allows you to provide a HttpsConnectionAdapterOptions
instance to configure this. Here's an example of what this might look like in your case:
listenOptions.UseHttps(new HttpsConnectionAdapterOptions
{
...
SslProtocols = SslProtocols.Tls12
});
For reference, SslProtocols
defaults to SslProtocols.Tls12 | SslProtocols.Tls11
.
Solution 2
.net core 2.1 Kestrel config:
.UseKestrel(c =>
{
c.ConfigureHttpsDefaults(opt =>
{
opt.SslProtocols = SslProtocols.Tls12;
});
})
Author by
Giallo
Updated on July 29, 2022Comments
-
Giallo almost 2 years
I have an ASP.NET Core 2.0 REST server running fine, but I need to restrict access to TLS1.2 - how do I do this? Can't seem to find any documentation on it. Server is running on Kestrel. Thanks!