Outlok Add-in not using TLS 1.2 by default with Target .NET Framework 4.6.2

Add-in Express™ Support Service
That's what is more important than anything else

Outlok Add-in not using TLS 1.2 by default with Target .NET Framework 4.6.2
 
Andrei Smolin


Add-in Express team


Posts: 17502
Joined: 2006-05-11
Hello Jeff,

The add-in project is built with 4.6.2. As to the registry settings on that page, I use Windows 10 and they don't apply to it.

I've used the following construct to find the .NET version used:


string version = string.Empty;
version = System.Diagnostics.FileVersionInfo.GetVersionInfo(typeof(HttpClient).Assembly.Location).ProductVersion;


For a console application which is reported as "it uses TLS 1.2"; the value of version above is 4.7.2046.0.
For a COM add-in which is reported as "it doesn't use TLS 1.2"; the value of version above is 4.7.2046.0.

I get a different value if I replace HttpClient above with ServicePointManager. Still, this value is 4.7.*.

Regards from Belarus (GMT+3),

Andrei Smolin
Add-in Express Team Leader
Posted 26 Oct, 2017 08:44:30 Top
Andrei Smolin


Add-in Express team


Posts: 17502
Joined: 2006-05-11
Hello ALL,

I've reopened this topic to post this update (note the dates!):

===
I've found that a VSTO add-in demonstrates the same behavior and googled out this page: use Ctrl+F to find "Excel" on it - Transport Layer Security (TLS) best practices with the .NET Framework #4675 on gthub/dotnet/docs.
===

Check the thread containing this comment at https://www.add-in-express.com/forum/read.php?FID=5&TID=15827&MID=82044

Regards from Belarus (GMT+3),

Andrei Smolin
Add-in Express Team Leader
Posted 13 Mar, 2020 04:36:06 Top
Andrei Smolin


Add-in Express team


Posts: 17502
Joined: 2006-05-11
Hello All,

I've reopened this topic to post an update that I should have posted a while ago:

You can specify the TLS used right in the constructor of the ADXClickOnceModule/ADXClickTwiceModule (you need to add them to your project) or in the constructor of the add-in module:

ServicePointManager.SecurityProtocol = 
     SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;


If you have no SecurityProtocolType.Tls11 and/or SecurityProtocolType.Tls12 declared in the .NET Framework version you are using, use numeric values:

ServicePointManager.SecurityProtocol = 
    SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls 
    | (SecurityProtocolType)768 /*Tls 1.1*/ 
    | (SecurityProtocolType)3072 /*Tls 1.2*/ 
    | (SecurityProtocolType)12288 /*Tls 1.3*/;


Regards from Belarus (GMT+3),

Andrei Smolin
Add-in Express Team Leader
Posted 01 Dec, 2020 06:06:52 Top