none
Comunication issues with HTTPS via TLS 1.2

    Pertanyaan

  • Hello!!!

    I have been working with IT for some years now and I am working on a project where I need to communicate a .NET application with a WebService via HTTPS that requires this communication to be performed via TLS 1.2 protocol.

    But I'm having a problem getting this communication done. Even if you check the SSL 3.0, TLS 1.0, and TLS 1.2 options in Internet Options, Microsoft Edge and Internet Explorer browsers are not able to do the handshake with any HTTPS site using this TLS 1.2 protocol. When testing on another browser (Chrome, for example), it works without major problems.

    I joined several forums on the internet and have already made the various tips that were included there:

    1 - Create the registry [HKLM \ SOFTWARE \ Microsoft \ .NETFramework \ v4.0.30319] SchUseStrongCrytpo = 1 and SystemDefaultTlsVersions = 0 (which, according to information, if enabled, I consider the windows TLS settings instead of the settings set in the source of the system);

    2. Create the keys and the corresponding values ​​in the registry path: [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ SecurityProviders \ SCHANNEL \ Protocols];

    3- Check the SSL 3.0, TLS 1.0 and TLS 1.2 options in the internet options (I even changed the commissions to see if it worked, but it did not work);

    4- I changed the group policies of windows to force the protocols mentioned above, done that, I verified that these options in the settings of internet explorer were left unmarked;

    In the [HKLM \ SYSTEM \ CurrentControlSet \ Control \ SecurityProviders \ SCHANNEL \ Ciphers] path, I created the RC4 keys 128/128, RC4 40/128 and RC4 56/128, all with the "Enabled" DWORD reset, also unsuccessful ;

    6- I ran the IISCryto and IISCryptoClient tool. In this first application, I checked the "Best Practices" button and rebooted the machine, but also to no avail.

    7- Redefine ALL the settings of Internet Explorer as well as tried to tweak all the settings of the security level of the internet options;

    8- As the authentication with the site that I want to connect in specific, is done via digital certificate, I uninstalled everything related to the certificate. As I got more than one machine with this kind of problem, I tried doing this procedure with the A1, A3 and Token certificates to see if it could be something driver related or something;

    9- I ran the sfc / scannow command to check if there were any integrity issues in the operating system, and in most cases, or there was nothing wrong, or the procedure corrected possible problems;

    10- I ran the update of all versions of this windows 10 until I clicked "Check for updates" and no more pending updates appear. As far as I can tell, this situation occurs in both version 1803 and 1709 of windows 10. I have not yet gotten any installation in 16XX to see if it could be a OS version or build issue.

    11- Make the search, verification and repair of possible viruses on the client machine. In some of the cases where I got this, the virus scanner did not detect any items that were harmful to the OS installation.

    12- To solve, in many cases, the formatting of the machine is made and the reinstallation of all applications "from scratch", then the communication happens again without problems;

    13- In the system source code, I used the System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 since I could not put a version of the project framework to anything above 4.5.2 for compatibility of some components we use. Therefore, the application tries to communicate through TLS 1.2 but without success.

    Any and all procedure related to windows 10 that I found about this connection problem using TLS 1.2 that I found on the internet I already performed on my clients machine, but still unsuccessful !! The curious that neither Windows 7 has given me as much headache as Windows 10 has done.

    If anyone can give a tip, thank you! Hug to everyone!!!


    Kamis, 02 Agustus 2018 11.18

Jawaban

  • WBJUS,

    Sorry but you have posted to a forum that deals exclusively with questions/issues about Microsoft Project, a project management application. It sounds like you have already participated in several forums but this one won't help you. If unsure, you could try posting to:

    https://social.technet.microsoft.com/Forums/en-US/home?forum=whatforum

    John

    Kamis, 02 Agustus 2018 21.23