I have a WCF client running on .NET 4.8, and I want to connect to our WCF service through an AWS Network Load Balancer that uses a TLS listener. The problem is that I cannot connect through it. I can connect properly when I am using a TCP listener in the NLB.
I contacted AWS support regarding this issue, and after some investigation, they confirmed that there is nothing wrong with my NLB configurations, and they advised me that my WCF client must initiate the TLS communication with the NLB's TLS listener to properly communicate through TLS.
But based on my research, the WCF service is the one dictating the security requirements for the client. It is mentioned on the first line of this Microsoft resource. Is there a way to force my WCF client to initiate the TLS communication?
I already have in my client code:
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
and in my client config file, I have this in the binding config:
<security mode="Transport">
  <transport clientCredentialType="None" protectionLevel="EncryptAndSign" sslProtocols="Tls12" />
</security>
Also, when I inspected the packets during the successful communication on the TCP listener, after the TCP handshake the client and service exchange some info before initiating the TLS communication. I'm not sure whether that matters, but I just want to state it.
Is there a way to force my WCF client to initiate the TLS communication?