Hello,
I have a client that is planning to disable the vulnerable protocol such as TLS 1.0 and 1.1 and only allow TLS 1.2. When we implemented this on their test/staging web server, the website breaks and we need to re-enable again the weak protocol to up the site.
I have inserted the code below in Global.asax.cs file, under the function Application_Start() but still encountering the issue:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Does anyone have a solution for this issue?
Thank you
Nopcommerce 3.40 error when using TLS 1.2
MVP
Certified Developer
- 1623
- 15968
- 11/25/2013
- Bangladesh
sdacuro wrote:
Go this link
Hello,
I have a client that is planning to disable the vulnerable protocol such as TLS 1.0 and 1.1 and only allow TLS 1.2. When we implemented this on their test/staging web server, the website breaks and we need to re-enable again the weak protocol to up the site.
I have inserted the code below in Global.asax.cs file, under the function Application_Start() but still encountering the issue:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Does anyone have a solution for this issue?
Thank you
I have a client that is planning to disable the vulnerable protocol such as TLS 1.0 and 1.1 and only allow TLS 1.2. When we implemented this on their test/staging web server, the website breaks and we need to re-enable again the weak protocol to up the site.
I have inserted the code below in Global.asax.cs file, under the function Application_Start() but still encountering the issue:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Does anyone have a solution for this issue?
Thank you
Go this link
- 39
- 511
- 1/18/2011
- United States
We've been successful on older versions of NopCommerce (3.1) with just editing the web.config to set the target framework to .Net 4.7.
Look for "targetFramework" and set the value to 4.7 in two places:
<compilation targetFramework="4.7">
<httpRuntime targetFramework="4.7" />
However, you also have to be sure that your server supports TLS 1.2. For that, you need to be on Windows Server 2008 R2 or newer.
I haven't looked at a NopCommerce 3.4 version web.config to see if these same values apply so this may not work for you but I figured I'd post it anyway since it may help others.
Look for "targetFramework" and set the value to 4.7 in two places:
<compilation targetFramework="4.7">
<httpRuntime targetFramework="4.7" />
However, you also have to be sure that your server supports TLS 1.2. For that, you need to be on Windows Server 2008 R2 or newer.
I haven't looked at a NopCommerce 3.4 version web.config to see if these same values apply so this may not work for you but I figured I'd post it anyway since it may help others.
- 39
- 511
- 1/18/2011
- United States
I should have added to my post to be sure you have .NET 4.7 installed on the server. Presumably, the same thing would work with .NET 4.6 if you target that version as the default was changed to TLS 1.2 in 4.6 and above. We went ahead and installed 4.7 to be on the newest version.
I should note that we also did disable both client and server SSL (all versions), TLS 1.0, and TLS 1.1 on our server via registry settings so that clients/browsers as well as the web host do not support the older versions. Perhaps this also helped but I wouldn't think you would need to do that. We also disabled most of the older ciphers. IIS Crypto can help with this. Just be sure you don't need them for other applications before doing this.
I've used the targetFramework = 4.7 setting on a few different .NET web applications at this point and have not yet had any errors, but I should caution that we have not tested with all features or plugins of nopCommerce. Potentially, it could cause issues somewhere else using the newer version of .NET framework. We've been running this way on several sites for a few months now.
I should note that we also did disable both client and server SSL (all versions), TLS 1.0, and TLS 1.1 on our server via registry settings so that clients/browsers as well as the web host do not support the older versions. Perhaps this also helped but I wouldn't think you would need to do that. We also disabled most of the older ciphers. IIS Crypto can help with this. Just be sure you don't need them for other applications before doing this.
I've used the targetFramework = 4.7 setting on a few different .NET web applications at this point and have not yet had any errors, but I should caution that we have not tested with all features or plugins of nopCommerce. Potentially, it could cause issues somewhere else using the newer version of .NET framework. We've been running this way on several sites for a few months now.