Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to enforce tls 1.x using wininet

I'm using wininet library in my aplication, after it turned out that sslv3 loooves poodle, some websites turn it off, and my aplication does not working on some PC's unless user set in Internet settings in windows to use TLS 1.X. Does anyone know way to force wininet to use tls 1.x connection ?

like image 520
whd Avatar asked Oct 26 '14 18:10

whd


People also ask

How do I know if TLS 1.2 is enabled command line?

How to check if TLS 1.2 is enabled? If the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client\DisabledByDefault is present, the value should be 0.

How do I enable TLS 1.0 on Windows 10?

To open Internet Options, type Internet Options in the search box on the taskbar. You can also select Change settings from the dialog shown in Figure 1. On the Advanced tab, scroll down in the Settings panel. There you can enable or disable TLS protocols.

Is TLS 1.2 enabled by default on Windows Server 2012 r2?

TLS 1.2 is enabled by default at the operating system level. Once you ensure that the . NET registry values are set to enable TLS 1.2 and verify the environment is properly utilizing TLS 1.2 on the network, you may want to edit the SChannel\Protocols registry key to disable the older, less secure protocols.


1 Answers

Wininet uses schannel.dll for the SSL/TLS communication and will automatically negotiate TLS if the server side offers TLS. There is nothing for you to do.

I should add that TLS support varies based on Windows version. For up to date TLS support, the minimum Windows versions are Win 7 and Win 2008 R2.

Detail: https://docs.microsoft.com/en-us/archive/blogs/kaushal/support-for-ssltls-protocols-on-windows

like image 192
Jonesome Reinstate Monica Avatar answered Sep 22 '22 12:09

Jonesome Reinstate Monica