I've got a Web API that must communicate with a few different services. Currently, I have the Web API set to use the following security protocol:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
When the API calls out to another service via HttpClient
(say like Twitter), it will use that protocol. At the same time however, another request may come in to access something from the cloud, which for whatever reason, currently requires TLS (not TLS 1.2). The request to the cloud, before firing out, sets the security protocol again:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
The problem I'm running into is when two separate and unique requests come in, one for Twitter and one for the cloud, the security protocol could switch over to the "wrong one" before it's sent out, causing the request to fail.
Is there a way to set the security protocol on the HttpClient
per request so that I'm not swapping around a setting in some singleton somewhere?
There seems to be no way to do this. The
SecurityProtocol
property is only being used inside the internalTlsStream
class in one place:TlsStream
seems to back all the internal TLS connections such as HTTP, FTP and SMTP.I had hoped that
ServicePoint
allows you to configure this. For many settingsServicePointManager
only provides the default. That hope was unfounded.So this is quite strong evidence that this is not possible. It's no proof, though.
What should you do? I'd switch out the HTTP client library for the odd server you are talking to. HTTP is not a particularly complicated protocol. I'm sure there's some other implementation available.
Alternatively, use a proxy that terminates the HTTPS connection on your own server. .NET then only deals with HTTP.
You don't need to set it.
You can use:
Additional Notes: