C# WCF服务器接受TLS 1.0连接_C#_Wcf_Ssl_Tls1.2

C# WCF服务器接受TLS 1.0连接

c# wcf ssl

C# WCF服务器接受TLS 1.0连接,c#,wcf,ssl,tls1.2,C#,Wcf,Ssl,Tls1.2,我有一个非常简单的问题。我有一个WCF服务器，它应该只接受TLS 1.2连接。但每次我通过firefox或任何浏览器连接到它时，它都使用TLS1.0 .NET Framework版本为4.6.1，因此应支持TLS 1.2。这是我的app.config： <?xml version="1.0" encoding="utf-8"?> <configuration> <configSections> </configSections> &l

我有一个非常简单的问题。我有一个WCF服务器，它应该只接受TLS 1.2连接。但每次我通过firefox或任何浏览器连接到它时，它都使用TLS1.0

.NET Framework版本为4.6.1，因此应支持TLS 1.2。这是我的app.config：

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
  </configSections>
  <connectionStrings>
    <add name="WCFServer.Properties.Settings.ConnectionString" connectionString="SomeConnectionString" />
  </connectionStrings>
  <system.serviceModel>
    <bindings>          
  <netTcpBinding>
    <binding name="TestNetTcpBinding">
      <reliableSession enabled="true" />
      <security>
        <message clientCredentialType="Windows" algorithmSuite="Basic256Sha256Rsa15" />
      </security>
    </binding>
  </netTcpBinding>
</bindings>
<behaviors>
  <endpointBehaviors>
    <behavior name="MyCustomAttributeBehavior">
      <Validator />
    </behavior>
  </endpointBehaviors>
  <serviceBehaviors>
    <behavior name="DefaultBehavior">
      <serviceDebug includeExceptionDetailInFaults="true" />
      <serviceMetadata httpsGetEnabled="true" httpsGetUrl="mex" policyVersion="Default" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<extensions>
  <behaviorExtensions>
    <add name="Validator" type="WCFServer.RightAttribute.MyBehaviorSection, WCFServer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  </behaviorExtensions>
</extensions>
<services>
  <service behaviorConfiguration="DefaultBehavior" name="WCFServer.Services.Implementations.BusinessService">
    <endpoint address="ProductService" behaviorConfiguration="MyCustomAttributeBehavior"
      binding="netTcpBinding" bindingConfiguration="TestNetTcpBinding"
      contract="WCFServer.Services.Interfaces.IProductService" />
    <endpoint address="UserService" behaviorConfiguration="MyCustomAttributeBehavior"
      binding="netTcpBinding" bindingConfiguration="TestNetTcpBinding"
      contract="WCFServer.Services.Interfaces.IUserService" />
    <host>
      <baseAddresses>
        <add baseAddress="net.tcp://SomeHost/WCFService/Service" />
        <add baseAddress="https://SomeHost/WCFService/Service" />
      </baseAddresses>
    </host>
  </service>
</services>
  </system.serviceModel>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
  <dependentAssembly>
    <assemblyIdentity name="NHibernate" publicKeyToken="aa95f207798dfdb4" culture="neutral" />
    <bindingRedirect oldVersion="0.0.0.0-4.1.0.4000" newVersion="4.1.0.4000" />
  </dependentAssembly>
</assemblyBinding>
  </runtime>
</configuration>

我的类BusinessService同时实现IUserService和IPProductService

您可以忽略MyCustomAttributeBehavior。只是一些拦截器的东西，这不重要

编辑：证书是可以的。firefox也这么说。证书是否必须满足任何特殊要求？我不这么认为，但我不确定

我已经尝试在host.Open前后设置SecurityProtocol。两者都不起作用

任何帮助都将不胜感激

谢谢

ServicePointManager.SecurityProtocol仅用于打开连接，不用于接收连接。如果您使用的是基于HTTP的绑定，如BasicHttpsBinding，则使用的SSL/TLS版本将取决于自托管的HTTP.SYS配置或IIS中的配置，而这又取决于计算机上的全局SCHANNEL设置

在本例中，您使用的是NetTcp，我记得它根本没有使用SSL/TLS

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var host = new ServiceHost(typeof(BusinessService));
host.Open();    
Console.WriteLine("Services Ready");
Console.WriteLine("Press any button to close services.");
Console.Read();
host.Close();
Environment.Exit(0);