TLS_PARAMETERS structure (schannel.h)

Indicates TLS parameter restrictions.

Syntax

typedef struct _TLS_PARAMETERS {
  DWORD            cAlpnIds;
  PUNICODE_STRING  rgstrAlpnIds;
  DWORD            grbitDisabledProtocols;
  DWORD            cDisabledCrypto;
  PCRYPTO_SETTINGS pDisabledCrypto;
  DWORD            dwFlags;
} TLS_PARAMETERS, *PTLS_PARAMETERS;

Members

cAlpnIds

The number of ALPN Ids in rgstrAlpnIds.

Set to 0 if the following parameter restrictions apply regardless of the negotiated application protocol. It is an error to specify more than SCH_CRED_MAX_SUPPORTED_ALPN_IDS.

rgstrAlpnIds

An array of ALPN IDs that the following parameters apply to.

Set to NULL if parameter restrictions apply regardless of the negotiated application protocol.

grbitDisabledProtocols

The bit string that represents the disabled protocols.

Set to 0 to use system defaults. Schannel protocol flags are documented here.

cDisabledCrypto

The count of entries in the pDisabledCrypto array. It is an error to specify more than SCH_CRED_MAX_SUPPORTED_CRYPTO_SETTINGS.

pDisabledCrypto

An array of pointers to the CRYPTO_SETTINGS structures that express disabled cryptographic settings.

dwFlags

(optional) The flags to pass.

When TLS_PARAMS_OPTIONAL is set, TLS_PARAMETERS will only be honored if they do not cause the server to terminate the handshake.

Otherwise, schannel may fail TLS handshakes in order to honor the TLS_PARAMETERS restrictions.

Note

TLS_PARAMS_OPTIONAL is valid for server applications only. Must be zero otherwise.

Requirements

   
Minimum supported client Windows 10 1809 [desktop apps only]
Minimum supported server Windows Server 1809 [desktop apps only]
Header schannel.h

See also

SCH_CREDENTIALS

CRYPTO_SETTINGS