Enabling specific cipher suite in C#

S Abijith 346 Reputation points
2021-01-07T04:41:27.28+00:00

We are trying to upload a file to a device or download a file from a device using a C# WPF application. We are using .NET Framework 4.5 to achieve this. The device in question supports only two protocols, namely:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

After analysis, we found these two cipher suites are supported under TLS1.2. We are currently using the below code to enable TLS1.2 in .NET Framework 4.5:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

But as we all know TLS1.2 supports many cipher suites. We want to enable only the above cipher suites.

Can anyone please tell us if there is any way to enable only those two cipher suites? And also please let us know if the above line of code is sufficient to enable TLS1.2 in a C# application.


Accepted answer
  1. Timon Yang-MSFT 9,576 Reputation points
    2021-01-08T03:13:35.913+00:00

    Microsoft does not provide a way to modify the cipher suite in the code of the .NET Framework 4.5; maybe you should consider other ways to do this.
    The selection and negotiation of cipher suites in the .NET Framework is handled by the operating system's SSL/TLS library (Windows Schannel in this case), and we can override the default cipher suites in Schannel through group policies and registry keys.
    Manage Transport Layer Security (TLS)
    In addition, I found this document:
    Prioritizing Schannel Cipher Suites
    It seems that you can perform certain operations on the cipher suite in C++, but this requires you to post a new question and ask a C++ expert for confirmation.
    The following link also mentions a way to modify the cipher suite; you can also refer to it.
    Need to set cipher suite at the code in C#


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
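
The accepted answer moves the restriction out of application code and into the Schannel configuration of the host. The PowerShell script below is an added example, not code from the thread or from Microsoft: it compares the suites Schannel currently has enabled against the two suites named in the question, and only previews the changes unless run with -Apply. It assumes Windows 10 / Windows Server 2016 or later (where the TLS module's Get-TlsCipherSuite, Enable-TlsCipherSuite and Disable-TlsCipherSuite cmdlets exist) and an elevated session; the parameter names $Allowed and $Apply are this example's own, and the change is machine-wide because every Schannel client and server on the host shares the list.

```powershell
# Added example, not from the thread. Audits (and optionally restricts)
# the machine-wide Schannel cipher suite list.
param(
    # Allow-list taken from the question: the two suites the device supports.
    [string[]]$Allowed = @(
        'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
        'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'
    ),
    # Hypothetical switch for this example: without it nothing is changed,
    # the Enable/Disable calls run with -WhatIf and only print their intent.
    [switch]$Apply
)

# Names of the suites Schannel currently offers, in negotiation order.
$enabled = @(Get-TlsCipherSuite | ForEach-Object { $_.Name })

# Allowed suites that are not enabled yet, and enabled suites that are not allowed.
$missing = @($Allowed | Where-Object { $enabled -notcontains $_ })
$extra   = @($enabled | Where-Object { $Allowed -notcontains $_ })

Write-Output ("Enabled: {0}  Allowed but missing: {1}  To disable: {2}" -f `
    $enabled.Count, $missing.Count, $extra.Count)

# Enable the allowed suites first so the host is never left with an empty list.
foreach ($name in $missing) {
    Enable-TlsCipherSuite -Name $name -WhatIf:(-not $Apply)
}

# Then disable everything outside the allow-list.
foreach ($name in $extra) {
    Disable-TlsCipherSuite -Name $name -WhatIf:(-not $Apply)
}

# After applying, show what Schannel will now offer.
if ($Apply) {
    Get-TlsCipherSuite | Format-Table -Property Name
}
```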


1 additional answer

  1. Esen Kaya 0 Reputation points
    2024-05-13T20:42:53.1+00:00
            ServicePointManager.SecurityProtocol |= SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
    