Questions tagged [tls1.2]
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network.
tls1.2
3,322
questions
152
votes
8
answers
376k
views
Update .NET web service to use TLS 1.2
I need to use TLS 1.2 to connect from my .NET web service to another that is going to force TLS 1.2. I found a resource that said .NET 4.6 uses TLS 1.2 by default so that sounded like the easiest ...
- 5,448
137
votes
13
answers
140k
views
NSURLSession/NSURLConnection HTTP load failed on iOS 9
Tried to run my existing app on iOS9 but getting failure while using AFURLSessionManager.
__block NSURLSessionDataTask *task = [self.sessionManager dataTaskWithRequest:request completionHandler:^(...
- 9,891
94
votes
8
answers
205k
views
TLS 1.2 in .NET Framework 4.0
I have a Windows server 2008 R2 server running a dozen .NET Framework 4.0 WebForms applications, and I need to disable TLS 1.0 and lower. When I do that, all secure connections fail and I was forced ...
- 1,051
85
votes
7
answers
149k
views
curl: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate
C:\Users\casta>curl https://c5.ppy.sh
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the ...
- 1,027
82
votes
3
answers
41k
views
Chrome "Active content with certificate errors"
We recently updated our ZNC server (don't think this matters) with a new certificate to include a Subject Alternative Name (SAN) DNS field. It works now in incognito but my existing session shows the ...
- 12.9k
82
votes
7
answers
63k
views
Why can Java not connect to MySQL 5.7 after the latest JDK update and how should it be fixed? (ssl.SSLHandshakeException: No appropriate protocol)
In the latest update to the JDK in April 2021 (11.0.11+9-0ubuntu2~18.04) support for TLSv1 and TLSv1.1 was dropped, presumably because since March 2021 those versions are no longer supported. This is ...
- 18.6k
70
votes
5
answers
219k
views
Command prompt to check TLS version required by a host
Is there a command to check the TLS version required by a host site? Right now, the only way I know to check is by adjusting the max TLS version of my browser and checking if I can still access the ...
- 797
66
votes
10
answers
120k
views
Is that possible to send HttpWebRequest using TLS1.2 on .NET 4.0 framework
My application connects to Experian server and Experian will soon stop supporting TLS 1.0 and TLS 1.1. All connectivity using HTTPS must use TLS Version 1.2.
I want to do some research on that issue ...
- 2,098
64
votes
6
answers
283k
views
A fatal error occurred while creating a TLS client credential. The internal error state is 10013
Recently deployed a Windows 2016 Standard Server, with Active Directory and Exchange 2016.
We have disabled SSL 1.0, 2.0 and 3.0 for both Server and Client, and have disabled TLS 1.0 and TLS 1.1.
...
- 5,151
61
votes
10
answers
253k
views
How to enable TLS 1.2 in Java 7
I am trying to enable TLS 1.2 in my web app which uses JBoss 6.4 and Java 1.7. I have -Dhttp.protocols = TLSv1.2 in my application environment but it doesn't seem to work for me.
Is there anything I ...
- 613
60
votes
11
answers
95k
views
.Net Framework 4.6.1 not defaulting to TLS 1.2
Our client have recently upgrade the security protocol to TLS 1.2. Therefore We have our application upgraded to 4.6.1 expecting the security protocol will be default to TLS 1.2 but it is not. Any ...
- 619
57
votes
7
answers
71k
views
TLS 1.2 not negotiated in .NET 4.7 without explicit ServicePointManager.SecurityProtocol call
I need to upgrade a .NET application to support a call to an API on a website that only supports TLS 1.2. From what I read, if the application is targeting 4.6 or higher then it will use TLS 1.2 by ...
- 8,339
52
votes
6
answers
68k
views
How to test which version of TLS my .NET client is using?
I support a .NET site which (amongst many, MANY, other things) talks to remote APIs from supplier systems.
We want to upgrade to support TLS 1.2
We're hoping to do so as per this question: Are there ....
- 8,021
51
votes
4
answers
114k
views
Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1?
On our Windows 2012 Server R2, we need to disabled TLS 1.0.
However we have .NET 4.5 Wcf services running. We found that if we disable TLS 1.0 that the WCF services no longer run, as we get the ...
- 5,151
51
votes
9
answers
197k
views
How to use TLS 1.2 in Java 6
It seems that Java 6 supports TLS up to v1.0, is there any way to use TLS 1.2 in Java 6?
Maybe a patch or a particular update of Java 6 will have support for it?
- 507
48
votes
3
answers
45k
views
"fatal: HttpRequestException encountered." Error with GitHub/Bitbucket Repositories due to dropping TLS-1.0 support
Problem
I recently encountered the following message when I pushed to a GitHub repo:
"fatal: HttpRequestException encountered. "
followed by being prompted for my username and password again.
From ...
- 1,426
42
votes
5
answers
10k
views
iOS 9 app download from Amazon S3 SSL error: TLS 1.2 support
I get
An SSL error has occurred and a secure connection to the server cannot
be made.
on iOS 9 if I try to download a file from amazon s3:
https://s3.amazonaws.com/xyz/qer/IMG_0001.JPG
From ...
- 3,700
35
votes
1
answer
85k
views
When was TLS 1.2 support added to OpenSSL?
Does OpenSSL 0.9.8x support TLS1.2? I looked at the changelog for OpenSSL but didn't find any information on this: https://www.openssl.org/news/changelog.html
- 681
32
votes
2
answers
29k
views
iOS 13 TLS issue
I have installed iOS 13 beta version and run my framework which contains a lot of network requests, but I got this error:
2019-09-19 15:01:33.566811+0200 ---[395:25439] Connection 4: default TLS ...
- 752
30
votes
2
answers
16k
views
Docker container running golang http.Client getting error `certificate signed by unknown authority`
I created a docker container for talking to the google api using GoLang. I started off using a SCRATCH container and am getting the error certificate signed by unknown authority upon changing to ...
- 901
26
votes
6
answers
90k
views
Does Microsoft OLE DB Provider for SQL Server support TLS 1.2
Our client recently upgraded from TLS 1.0 to TLS 1.2 and after this our software cannot connect with SQL server. It uses OLE DB provider for connecting to SQL server.
Below is the error which is ...
- 948
25
votes
7
answers
94k
views
System.Net.SecurityProtocolType.Tls12 definition not found
I'm trying to add the following line of code to the Global.asax file in a website project.
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
The vs2012 ...
- 1,695
25
votes
4
answers
62k
views
How to force JavaMailSenderImpl to use TLS1.2?
Have a JDK7 app running on Tomcat and it does have the following env settings:
-Dhttps.protocols=TLSv1.1,TLSv1.2
The above setting ensures that we don't use TLS 1.0 when connecting over HTTPS while ...
- 1,229
24
votes
3
answers
42k
views
Domain=NSURLErrorDomain Code 1202
Hi I receive the following error:
Error Domain=NSURLErrorDomain Code=-1202 \"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server-prod....
- 603
24
votes
3
answers
100k
views
Enable TLSv1.2 and TLS_RSA_WITH_AES_256_CBC_SHA256 Cipher Suite
Server:
TLS Version: v1.2
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Client:
JRE 1.7
I am receiving the below error when I try to connect to the Server from Client through SSL directly:
Caused ...
- 5,163
23
votes
6
answers
25k
views
Android pre-lollipop devices giving error "SSL handshake aborted: ssl=0x618d9c18: I/O error during system call, Connection reset by peer"
Iam having this strange issue in which the retrofit keeps throwing me
"SSL handshake aborted: ssl=0x618d9c18: I/O error during system call,
Connection reset by peer"
in kitkat, whereas the same ...
- 5,017
23
votes
3
answers
10k
views
iOS push notifications using TLS certificate vs. using authentication tokens
I am reading the documentation for both push using TLS certificates and push using authentication tokens
But besides explaining how to configure each, the articles don't really explain the ...
- 14k
22
votes
4
answers
18k
views
Securing Kubernetes Service with TLS
I have an application that is internal and exposed only to other application on the cluster by a service with cluster IP. Other services are accessing this application via it's DNS (serviceName-...
- 1,955
21
votes
1
answer
7k
views
ios13 tls certificates issue - connection error
Since the release of ios13 I have a strange problem in my iOS app due to tls connection error to my backend. If I try to connect to the backend via the simulator (iOS 13) it works fine, if I install ...
- 817
19
votes
3
answers
6k
views
C# and dotnet 4.7.1 not adding custom certificate for TLS 1.2 calls
I have the following C# code, constructing an https call with a custom certificate. When using Tls 1.1, the call works fine. When using Tls 1.2 the call breaks. I using curl, using tls 1.2 works fine ...
- 1,267
18
votes
4
answers
15k
views
Best way for verifying server compliance to Apple's ATS / TLS 1.2 requirement
So Apple requires TLS 1.2 with Forward Secrecy for URLs beginning iOS 9. Independent of the app, what's the best way to verify that a server meets all the requirements?
nscurl just outright doesn't ...
- 1,248
18
votes
3
answers
24k
views
How do we specify TLS/SSL options in Guzzle?
We are starting to use Guzzle in PHP with code which calls a variety of different APIs, a few of which don't support TLSv1.2 and some of which require TLSv1.2.
What's the best way to force Guzzle to ...
- 313
17
votes
2
answers
22k
views
Self-signed certificate for device with local IP
Scenario:
We have a device similar to a WiFi router that has UI and API exposed
The device will run on any LAN out of our control, just like a WiFi router runs on any house.
The device doesn't belong ...
- 5,830
17
votes
2
answers
5k
views
Can a TLS 1.2 server/client get by with just TLS_RSA_WITH_AES_128_CBC_SHA?
I'm updating an embedded TLS 1.0 implementation to TLS 1.2 (devices with 1MB of code space or less, and no OS). At this point, I have AES-128 and AES-256 CBC ciphers working with SHA-1 and SHA-256 ...
- 11.6k
16
votes
3
answers
32k
views
What version of TLS does my C# program use?
I develop a C# program in Visual Studio 2013 which communicates with a SOAP webservice. How can I tell which version of TLS my program uses?
- 9,768
16
votes
3
answers
43k
views
Configure https agent to allow only TLS1.2 for outgoing requests
I'm making HTTPS connections from a node app, using a client certificate:
var options = {
hostname: 'https://my-server.com',
port: 443,
path: '/',
method: 'GET',
key: fs....
- 8,959
16
votes
7
answers
7k
views
Spring Boot MongoDB Connectivity Issue
My Spring Boot application is trying to connect to MongoDB Database. The configuration is added on application.yml file. The application was working completely fine locally till yesterday.
But when ...
- 746
16
votes
12
answers
63k
views
Why Schannel fails to receive handshake from the server?
When I'm trying to pull from our git server I get this error:
fatal: unable to access 'xxx': OpenSSL SSL_connect: SSL_ERROR_SYSCALL
in connection to xxx
When this happened before I was able to ...
- 101k
16
votes
3
answers
8k
views
Unable to access https web service from iOS
I am trying to access a web service which is available on https protocol. Initially I was getting following error:
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
...
- 8,048
15
votes
4
answers
42k
views
How to enforce TLS1.2 to Rest client using Rest Template
I am consuming json webservice using Spring3.0 restTemplate by calling post method.
MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
...
- 3,332
15
votes
5
answers
28k
views
How to get the error string in openssl?
I am using openssl to establish the TLS connection with the remote server.
Here are the code snippets:
if ((ret = SSL_connect(c->ssl)) <= 0) {
ret = SSL_get_error(c->ssl, ret);
if((...
- 561
15
votes
2
answers
44k
views
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 in windows server 2012 r2
My question is simple. My server's operating system is Windows Server 2012 r2 and all updates were made on it.
When I run the iiscrypto I couldn't find TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher ...
- 2,251
15
votes
1
answer
18k
views
How do I reference a self-signed SSL certificates for traefik v2 in a docker-compose file?
There is very limited documentation for referencing self-signed certificates for Træfik v2 in the docker-compose YAML file. Here is how you can do it for Let's Encrypt:
https://github.com/containous/...
- 3,983
15
votes
2
answers
10k
views
Avoid sending TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher in TLS Client Hello
Node.js sends the TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher by default to protect itself against the POODLE attack.
I'm trying to avoid sending this cipher (even though this may pose a security risk) ...
- 7,816
14
votes
2
answers
47k
views
How to upgrade OpenSSL from 1.0.2g to 1.1.0g in Ubuntu and let python recognize the new OpenSSL
I have Ubuntu 16.04. It has OpenSSL 1.0.2g. I need to use OpenSSL 1.1.0g. Note that OpenSSL 1.1.0g is installed in my other machine Ubuntu 18. But I need to run a python program in Ubuntu 16.04 but I ...
- 2,268
14
votes
1
answer
51k
views
How to enable TLS 1.2 in Asp.Net Core 3.1
I am working on Asp.Net Core 3.1 project. I am testing locally. I started getting errors as
Your connection is not fully secure
This site uses an outdated security configuration, which may expose your ...
- 1,809
14
votes
3
answers
13k
views
Signing certificate request with certificate authority
I want to use TLS mutual authentication to authenticate a client on a API made in go. I've created a certificate authority, and let's say Bob has a key pair he wants to use with the client. Bob ...
- 345
14
votes
7
answers
79k
views
SSLError("Can't connect to HTTPS URL because the SSL module is not available.") in pip command
In my Ubuntu 20.04. I am using two python versions. One of them is Python3.8.2 which came with my Ubuntu installation and another one is Python3.7.5. I installed Python3.7.5 using update-alternatives ...
- 2,432
14
votes
6
answers
11k
views
Creating a ManagedCertificate results in "Status: FailedNotVisible"
Using Kubernetes 1.12.6-gke.7 or higher it is possible to create a ManagedCertificate which is then referenced from an Ingress Resource exposing a Service to the Internet.
Running kubectl describe ...
- 309
14
votes
1
answer
35k
views
Enabling TLS 1.2 without changing code in .NET
I have .NET 4.5.2 application that is using SmtpClient to send emails. The application is installed on Windows 2012 R2 server. When I disable TLS 1 and TLS 1.1 and enable only TLS 1.2, the application ...
- 32.3k