TLS 1.2 support
Closed this issue · 5 comments
Since SumoLogic is turning off support for TLS 1.0 and 1.1, is there a plan to update the SumoLogic Appenders to support TLS 1.2?
https://help.sumologic.com/Release-Notes/Service-Release-Notes
Since the messageSender class right now is using HttpClient to call the endpoint, it will be using TLS 1.0 by default, until 4.6, where it uses 1.2.
+1
Our code is also using TLS 1.0 as it uses < .NET 4.6.
I'll have a look and see if I can make a PR for this although its not my forte
Whether or not to use TLS 1.2 is up to the program, not the library. The trouble is that you're targeting Framework v4.5 or earlier, which by default doesn't attempt to use 1.2. There are generally 3 options, in my order of preference:
- Update your code to target 4.6 or higher (project properties) - see https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls
- Set registry values on the machine to tell 4.5 programs to use more secure connections where possible - see https://stackoverflow.com/questions/28286086/default-securityprotocol-in-net-4-5 (see the answer by "dana", as you want to set 2 values on 64-bit machines)
- Update your code to specify the network security protocols - see the same URL as above but use the answers by "Hieu" or "gerasoras"
I agree with the previous comment. Honestly its not up to us as a library to set the TLS versions your app uses or supports.
I would be concerned if our libaray set specific network protocols for you. We could also disable protocols you still use and want to use
Fair enough - I see the logic in that.
For now we had already decided to follow #3 above - it is in our plan for our next IP sprint to upgrade to 4.6. Lots of shared code, so we need to coordinate that effort across multiple projects. Which itself, is another project I am trying to address ;)