The caller was not authenticated by the service when tls1.0 is disabled

Question

using c# i have two aplications

1. on .net framework 4 - client
2. and one more on .net framework 4.5 - server

and communicate each other using WCF.

using IISCrypto i turned off tls1.0 and then i get this error

'The caller was not authenticated by the service'

i know that the client will negotiate with the server and take the highest protocol that server provides, so have forcefully change the protocol to the server to

ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

but what happens to client that is framework 4? i tried to change the protocol on the client too but nothing change.

Answer 1

After some search i found the solution..

check

• TLS 1.2 not negotiated in .NET 4.7 without explicit ServicePointManager.SecurityProtocol call.
• Do not disable ServicePointManagerSecurityProtocols

As the say

'Setting Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true limits Windows Communication Framework's (WCF) Transport Layer Security (TLS) connections to using TLS 1.0'

'If your application targets .NET Framework v4.6.2 or earlier and runs on .NET Framework v4.7 or later, set the switch's value to false.'

Just added <AppContextSwitchOverrides value="Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols=false" /> to app.config and works like before !