Any way to restrict ASP.NET Core 2.0 HTTPS to TLS

2020-02-26 11:05发布

I have an ASP.NET Core 2.0 REST server running fine, but I need to restrict access to TLS1.2 - how do I do this? Can't seem to find any documentation on it. Server is running on Kestrel. Thanks!

标签： c# asp.net asp.net-core .net-core

2条回答

Emotional °昔

2楼-- · 2020-02-26 11:40

.net core 2.1 Kestrel config:

.UseKestrel(c =>
            {
                c.ConfigureHttpsDefaults(opt =>
                {
                    opt.SslProtocols = SslProtocols.Tls12;
                });
            })

0人赞添加讨论(0) 举报

太酷不给撩

3楼-- · 2020-02-26 11:42

There's a UseHttps overload that allows you to provide a HttpsConnectionAdapterOptions instance to configure this. Here's an example of what this might look like in your case:

listenOptions.UseHttps(new HttpsConnectionAdapterOptions
{
    ...
    SslProtocols = SslProtocols.Tls12
});

For reference, SslProtocols defaults to SslProtocols.Tls12 | SslProtocols.Tls11.

0人赞添加讨论(0) 举报

Any way to restrict ASP.NET Core 2.0 HTTPS to TLS

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间