-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for TLS 1.3 #2095
Comments
Azure SignalR does support TLS1.3. You could validate this with What errors are you seeing when upgrading your Azure Web App instance to TLS 1.3? |
That's good to hear!
After configuring the client to explicitly allow TLS versions 1.2|1.3, 1.2 or 1.3, connect still fails, but oddly the inner exception seemed to have disappeared. |
We also restrict cipher suites based on similar security considerations, outlined here: TLS_AES_256_GCM_SHA384 |
We hadn't updated to 8.0.11 and 1.28.0 yet, doing that today. |
|
Where is this error thrown from? Yes the service supports both TLS1.2 and 1.3, it is the client side determining which to use. |
Thrown when I call HubConnection.StartAsync Do you know why the inner exception might have vanished when I tried setting the TLS version in HttpMessageHandlerFactory? |
In this scenario, it's a Windows-specific client app where I don't have control over the Windows hosts. Is it possible that dotnet core uses Schannel on Windows exclusively instead of OpenSSL? If so, I may be limited in my options, unless I can configure dotnet core to use a different crypto implementation. I'd prefer to require 1.3, but Windows 10 clients may hinder that. If that's the situation, then it appears I'm limited by platform constraints. Thank you for the assistance - it seems we can close out this ticket as a platform limitation. |
I am seeking support for enabling TLS 1.3 in Azure SignalR Service or guidance on any documentation steps I might have overlooked. Currently, the absence of TLS 1.3 support forces us to maintain our Azure Web App instance on TLS 1.2, which is the only barrier to achieving our enhanced security settings.
We are using version 8.0 on both the client and server, and have configured the client hub connection to permit TLS 1.3, but this has not resolved the issue. Does SignalR, whether self-hosted or on Azure, support TLS 1.3? Additionally, would upgrading to .NET 9.0 make a difference?
The text was updated successfully, but these errors were encountered: