Only enable TLS.1.3 in Web-Api hosting in Kestrel-Service
We are currently developing an ASP NET Core Web API hosted in a Kestrel Windows service. We want to enable TLS 1.3 only and disable all other SSL protocols.
The following code works. TLS1.2 and TLS1.3 are both enabled.
{
"Kestrel": {
"Endpoints": {
"HttpsForDeveloper": {
"Url": "https://localhost:5001",
"SslProtocols": ["Tls12", "Tls13"]
}
},
"Certificates": {
"Default": {
"Subject": "localhost",
"Store": "My",
"Location": "LocalMachine",
"AllowInvalid": true
}
}
}
}
But if I change the code block to remove TLS1.2. Is the page no longer available.
{
"Kestrel": {
"Endpoints": {
"HttpsForDeveloper": {
"Url": "https://localhost:5001",
"SslProtocols": ["Tls13"]
}
},
"Certificates": {
"Default": {
"Subject": "localhost",
"Store": "My",
"Location": "LocalMachine",
"AllowInvalid": true
}
}
}
}
In Postman I get the following error:
Does anyone have any tips for me or know what I'm doing wrong?
Solution
The problem was the lack of support for TLS 1.3 in the Windows versions we used. I was able to solve the problem with the following article.
- How do I read (not write!) the content from System.Net.Http.StringContent?
- HTTP 415 unsupported media type error when calling Web API 2 endpoint
- REST API design: Grouping together multiple POST or PUT calls?
- Azured AD JWT authentication doesn't work for Web API hosted in docker using TestContainer
- Exposing localhost to the internet via tunneling (using ngrok): HTTP error 400: bad request; invalid hostname
- How to perform an action after a hangfire background job fails and exhaust its max number of retries
- Returning binary file from controller in ASP.NET Web API
- Catch SqlException at the controller level?
- Merging File Upload and Template Creation Messages in ASP.NET Web API with RabbitMQ
- Square brackets around response JSON in Web API
- How can I show image in HttpResponseMessage.Content.Headers.ContentType
- GET all products by using id field
- How to parse this 3rd party JSON service using .NET?
- swagger error: Conflicting schemaIds: Duplicate schemaIds detected for types A and B
- Using Macbook touchpad (or others) for multi touch gestures in desktop browser
- System.Net.Http.HttpRequestException Error while copying content to a stream
- Web Api OWIN Host with Unity
- Swagger UI not displaying when deploying API on IIS
- Could not load file or assembly 'System.Web.Http, Version=5.0.0.0
- How do I solve Inconsistent accessibility parameter in ASP .NET Integration testing?
- I can't connect ASP.NET Web API with .NET Maui
- All ASP.NET Web API controllers return 404
- ExceptionFilter difference between OnExceptionAsync vs.OnException
- How can I disable Docker from a Visual Studio ASP.NET Web API application?
- ASP.Net Core + Swagger - Actions require an explicit HttpMethod binding for Swagger 2.0
- How to add line break to Swashbuckle documentation?
- Properly Implementing IAuthorizationFilter in Web API
- Why is my async ASP.NET Web API controller blocking the main thread?
- EF SaveChanges not saving and not throwing exception
- A non-blocking socket operation could not be completed immediately