Menu
How can I specify a cipher suite to use in an SSL Connections?
I know that Mentalis Seclib got this feature however they don't maintain the project (and there are issues in that library with x64 OSes) as they say .NET Framework 2.0 introduced those features, however I couldn't find a way to do this in .NET Framework 3.5.
To be more specific I want to connect an HTTPS service by using NULL cipher, I would do the same thing with OpenSSL by using the following command:
openssl s_client -connect www.example.com:443 -cipher NULL
How can I do this in .NET?
Also commercial or commercial friendly licensed library suggestions are welcome as well.
990
(My previous answer was ill-informed, I did not notice at first that the property I was referring to was read-only.)
In .NET 4, the System.Net.Security.SslStream class supports a new constructor, allowing you to provide an EncryptionPolicy value, which could be NoEncryption. This allows no encryption and request that a NULL cipher be used if the other endpoint can handle a NULL cipher.
Unfortunately this did not exist even in 3.5.
Not really part of the question, but I assume (and this is really for future readers) that you are of course aware of the relevant risks, of using SSL with a NULL cipher? And, the benefits you miss out on?
50
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
