I'm experiencing a connection negotiation failure while trying to establish two-way authentication with .NET clients.
This happens after the remote server significantly increased the list of authorized CAs.
While this issue can be easily resolved in any Java client by setting jdk.tls.maxHandshakeMessageSize
to a higher value, I can't find the same workaround for .NET.
This issue happens with System.Net.HttpClient, System.Net.Security.SslStream (.NET Framework 4.7.2) and Internet Explorer 11.
For APIs that rely on Windows TLS SCHANNEL, this value can be changed by setting the following DWORD value in the registry.
MessageLimitClient : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Messaging
Credit to lextm on MSDN.
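
One way to apply the registry setting named in the answer above, as an added PowerShell example that is not part of the original answer. The page does not state a value for the limit, so the script takes it as a mandatory parameter; the parameter name `$Limit` and the script layout are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: set the SCHANNEL client handshake message limit named in the answer.
param(
    # New limit; the page gives no value, so the caller must supply one (assumed parameter name).
    [Parameter(Mandatory)]
    [ValidateRange(1, [int]::MaxValue)]
    [int]$Limit
)

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Messaging'
$name = 'MessageLimitClient'

# The Messaging subkey may not exist yet; create it without touching sibling keys.
if (-not (Test-Path -Path $key)) {
    New-Item -Path $key -Force | Out-Null
}

# Record the previous value ($null if unset) so the change can be rolled back.
$before = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

# Write the DWORD; -Force overwrites an existing value of the same name.
New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value $Limit -Force | Out-Null

# Read the value back to confirm what is now stored.
$after = (Get-ItemProperty -Path $key -Name $name).$name

[pscustomobject]@{
    Key      = $key
    Name     = $name
    Previous = $before
    Current  = $after
}
```

Keep the reported `Previous` value so the change can be reverted, and choose the smallest limit that lets the handshake complete, since this setting bounds the handshake message size the client will accept.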