question

0 Votes
HagaR-8367 asked lextm commented

What is the equivalent of jdk.tls.maxHandshakeMessageSize in .NET?

I'm unable to establish a two-way TLS 1.2 authentication to some customer servers since they increased the size of the handshake message.

The AuthenticationException happens with both System.Net.HttpClient and System.Net.Security.SslStream:

 System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted
 Win32 (SChannel) Native Error Code: 0x80090326

While this problem was easily solved by setting jdk.tls.maxHandshakeMessageSize to a higher value in any Java client, I can't find the same workaround for .NET.

I'm using .NET Framework 4.7.2

dotnet-csharp

1 Answer

1 Vote
lextm answered lextm commented

JDK has that setting because it is a runtime of its own.

.NET Framework only wraps the native Windows TLS API, so to change any settings in that area, you need to modify the specific Windows registry keys:

https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#messaging--fragment-parsing

· 3
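
The registry change the answer points to, sketched in PowerShell as an added example (not part of the original answer). The key path and value names are the ones documented in the section the link above points to; the function names are hypothetical and the 64 KiB size is a constructed sample.

```powershell
# Added example: inspect and raise Schannel's handshake message limit for TLS clients.
# Run from an elevated PowerShell session; the key lives under HKLM.
$MessagingKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Messaging'
$LimitNames   = 'MessageLimitClient', 'MessageLimitServer', 'MessageLimitServerClientAuth'

function Get-SchannelMessageLimit {
    # Report each limit; an absent value means Schannel's built-in default applies.
    foreach ($name in $LimitNames) {
        $item = Get-ItemProperty -Path $MessagingKey -Name $name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name  = $name
            Bytes = if ($item) { [uint32]$item.$name } else { $null }
            State = if ($item) { 'configured' } else { 'not set (default applies)' }
        }
    }
}

function Set-SchannelClientMessageLimit {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Largest handshake message the TLS client side will accept, in bytes.
        # The TLS handshake length field is 24 bits wide, hence the upper bound.
        [Parameter(Mandatory)][ValidateRange(1, 16777215)][int]$Bytes
    )
    if (-not (Test-Path $MessagingKey)) {
        if ($PSCmdlet.ShouldProcess($MessagingKey, 'Create key')) {
            New-Item -Path $MessagingKey -Force | Out-Null
        }
    }
    if ($PSCmdlet.ShouldProcess("$MessagingKey\MessageLimitClient", "Set to $Bytes bytes")) {
        New-ItemProperty -Path $MessagingKey -Name 'MessageLimitClient' `
            -PropertyType DWord -Value $Bytes -Force | Out-Null
    }
}

# Show the current state, then preview the change without writing anything.
Get-SchannelMessageLimit | Format-Table -AutoSize
Set-SchannelClientMessageLimit -Bytes 0x10000 -WhatIf   # constructed sample size (64 KiB)
```

The setting lives under HKLM, so it applies to every Schannel client on the machine, not only the .NET application. Choose the smallest value that lets the affected handshakes complete.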

Thank you. That's all I needed!

0 Votes 0 ·

I've asked the same question with a bounty on Stack Overflow if you want to answer it: https://stackoverflow.com/questions/68986895/how-to-increase-the-tls-handshake-size-in-net

0 Votes 0 ·

You should restore and accept your own answer there. I don't need too many credits on SO :)

0 Votes 0 ·