Posts 1 - 10 of 13
First | Prev. | 1 2 | Next | Last
|
|
|
|
Jeff Gavin
Guest
|
Hello,
We've created an Outlook Add-in using Add-in Express version 8.7.4425.0 and Target .NET Framework 4.6.2. With .NET 4.6.2 the default TLS used should be 1.2 : https://blogs.msdn.microsoft.com/dotnet/2016/08/02/announcing-net-framework-4-6-2/
What we are observing is, if we create a simple console app targeting .NET 4.6.2 framework, TLS 1.2 is being used, but if we create an add-in targeting .NET 4.6.2 framework, TLS 1.0 is being used. We are wondering if Add-in Express is forcing TLS 1.0 in one of its libraries.
Below is sample code you can use to try it out. It connects to a website that responds with the status of your TLS connection. When connecting from the console app it returns 1.2 but when connecting from the Outlook Add-in it is responding with TLS 1.0 in the content. For the add-in you can add this code to a click event off of a ribbon button.
Please let me know if you need additional information:
class Program
{
static void Main(string[] args)
{
Task t = new Task(GetPage);
t.Start();
Console.WriteLine("Downloading page...");
Console.ReadLine();
}
static async void GetPage()
{
string url = "https://www.howsmyssl.com/";
Console.WriteLine(url);
using (HttpClient client = new HttpClient())
using (HttpResponseMessage response = await client.GetAsync(url))
using (HttpContent content = response.Content)
{
string result = await content.ReadAsStringAsync();
Console.WriteLine(result);
}
}
}
Thanks
- Jeff |
|
|
Posted 20 Oct, 2017 09:13:12
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18614
Joined: 2006-05-11
|
Hello Jeff,
An add-in is a class library, not an .EXE. Try to put the configuration info in the add-in's .config file or in Outlook.exe.config. See also section Configuring an Add-in, see the PDF file in the folder {Add-in Express}\Docs on your development PC.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 20 Oct, 2017 10:10:14
|
|
Top
|
|
|
Jeff Gavin
Guest
|
Hello Andrei,
The sample code above was for the console application. If you cut that code in the main function and put it in the Outlook add-in's click event, you will see the behavior when making the request from the Add-in class library. You mentioned the configuration file. What info needs to go there to force TLS 1.2?
Thanks
- Jeff |
|
|
Posted 20 Oct, 2017 10:25:16
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18614
Joined: 2006-05-11
|
I can't tell; I've never used TLS. But you should note that your add-in is executed as part of Outlook.exe.
Maybe, some other add-ins load a different .NET version and this causes the issue. Try to turn all other COM add-ins off.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 20 Oct, 2017 10:30:32
|
|
Top
|
|
|
Jeff Gavin
Guest
|
Hello Andrei,
We removed all other COM add-ins and we are still seeing the behavior.
Thanks
- Jeff |
|
|
Posted 20 Oct, 2017 10:55:24
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18614
Joined: 2006-05-11
|
Hello Jeff,
Jeff Gavin writes:
Below is sample code you can use to try it out. It connects to a website that responds with the status of your TLS connection. When connecting from the console app it returns 1.2
It returns 1.0 for me. Could you please send me your test project that works correctly for you? You can find the support email address in {Add-in Express installation folder}\readme.txt. Please make sure your email contains a link to this topic.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 23 Oct, 2017 09:22:25
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18614
Joined: 2006-05-11
|
Hello Jeff,
Thank you for providing the project. I've found that my console application doesn't work if I compile and debug it in VS 2015; the issue doesn't occur if I start the compiled .EXE, though. Also, debugging in VS 2017 doesn't produce the issue. I assume this relates to using vshost.exe in VS 2015; see https://stackoverflow.com/questions/45539760/vshost-exe-file-has-different-net-framework-version.
Still, I can't find a solution for the original issue. I suggest that you use a workaround: perform that call in a standalone .EXE, rather than in the add-in.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 24 Oct, 2017 07:24:34
|
|
Top
|
|
|
Jeff Gavin
Guest
|
Thanks for investigating Andrei. Unfortunately, running the call in an .EXE is not an option for us as the we need to make the call from our Add-in Express Outlook add-in. Is it possible that the Add-in Express libraries are using a lower .NET framework version which is forcing the TLS 1.0? What version of .NET are the latest Add-in express assemblies compiled with? If it is earlier than 4.6.2, is it possible to try compiling with .NET 4.6.2 and see if connecting from the Add-in Express Outlook add in uses TLS 1.2?
Thanks
- Jeff |
|
|
Posted 24 Oct, 2017 07:44:10
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18614
Joined: 2006-05-11
|
Hello Jeff,
This doesn't seem related to compiling Add-in Express with 4.6.2. Try to add this code line to the constructor of the add-in module:
using System.Net;
...
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
I need to warn you however: this doesn't help on some of our machines. Will try to find out why.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 25 Oct, 2017 07:38:58
|
|
Top
|
|
|
Jeff Gavin
Guest
|
|
|
Posted 25 Oct, 2017 08:03:29
|
|
Top
|
|
|
Posts 1 - 10 of 13
First | Prev. | 1 2 | Next | Last
|
Forums
Topics
Search
Help
Login
Register