DEVHIDE
Login Or Sign up

Turn OF TLS 1.0 & 1.1

300 Views Asked by At

I am working on windows application (WPF, WCF and XAML etc). There is also a legacy web application designed in VB6 (Web class). The application is using framework 4.0 although some have been upgraded to 4.5. In short all of it is somewhat legacy.

Customers have requested that would like to turn off TLS 1.0 & 1.1. After making registry changes to turn off the above I am getting an error - "The caller was not authenticated by the service." in the WPF app.

The code to get Token on Loging in is as follows:

  private SecurityToken GetToken(string username, string password)
  {
     try
     {
        var stsEndpointAddress = EndpointAddressAccess.GetEndpointAddress(ShellState.NimbusSecurityTokenServerConfiguration.BindingProfile,
                                                                   ShellState.NimbusSecurityTokenServerConfiguration.Address);
        var stsBinding = BindingAccess.GetBinding(ShellState.NimbusSecurityTokenServerConfiguration.BindingProfile);

        var tokenClient = new WSTrustChannelFactory(stsBinding, stsEndpointAddress);

        tokenClient.Credentials.UserName.UserName = username;
        tokenClient.Credentials.UserName.Password = password;

        tokenClient.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None; // TODO - fix (profile value - lite or secure)

        tokenClient.TrustVersion = TrustVersion.WSTrust13;
        tokenClient.Open();
        // mat_mac 0 Keep the line below : .NET 4.5 version of this code
        //var rst = new RequestSecurityToken(RequestTypes.Issue)
        var rst = new RequestSecurityToken(WSTrust13Constants.RequestTypes.Issue)
        {
           //// TODO - remove or modify this audience section -- coordinate with other settings around Audience and whether it's checked
           // Note - can't just remove this.  Need to set some alternative properties (I think) to state that the audience isn't being validated
           // Without this line the WCF call fails with some obscure errors
           //AppliesTo = new EndpointReference("net.tcp://localhost:9876/AuthenticationWcf")
           //AppliesTo = new EndpointReference("urn://dummy")  // <<----- .NET4.5 Version of this code 
           AppliesTo = new EndpointAddress("urn://dummy")
        };
        var chn = tokenClient.CreateChannel();
        return chn.Issue(rst);
     }
     catch (System.ServiceModel.Security.MessageSecurityException)
     {
        _log.Error("GetToken caught MessageSecurityException");
        return null;
     }
     catch (Exception ex)
     {
        _log.ErrorException("GetToken threw exception", ex);
        return null;
     }
  }

The error is obviously returning as an Exception - "GetToken threw exception" (above)

I would appreciate if someone can assist please? Thanks and Kind Regards.

c# tls1.0 tls1.1
Original Q&A
0

There are 0 best solutions below

Related Questions in C#

Related Questions in TLS1.0

Related Questions in TLS1.1

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.