EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TLS and Visual Studio 2008

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#27117
Posted: 11/05/2013 04:21:25
by Simon Johnson (Basic support level)
Joined: 11/05/2013
Posts: 7

Does TLS 1.2 work with Visual Studio 2008?
#27118
Posted: 11/05/2013 04:24:13
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Yes it does in all Visual Studio versions and in .NET 2.0 and higher.
#27120
Posted: 11/05/2013 04:41:59
by Simon Johnson (Basic support level)
Joined: 11/05/2013
Posts: 7

I'm having trouble getting data from the server using a web browser. The client demo is able to connect to the server via HTTPS and get an item from storage however pointing a browser directly at that comes back as 'web page not available' compared to directly retrieving the item when using HTTP directly.

What is the client app doing differently to correctly connect via HTTPS that a web browser isn't?
#27122
Posted: 11/05/2013 04:59:42
by Vsevolod Ievgiienko (EldoS Corp.)

What exact client demo do you mean? Is it HTTPSGet demo? If yes then:

1) HTTPSGet sample is configured to use only SSL2, SSL3 and TLS1 by default. You should change HTTPSClient.Versions property to enable TLS 1.2. Possible property values are described here: https://www.eldos.com/documentation/sb...sions.html So if the sample works then it uses TLS1, but not TLS 1.2.

2) The TElHTTPSServer component (and HTTPS server sample) is configured to use sbSSL3, sbTLS1, sbTLS11 and sbTLS12 by default. The server tries to establish the highest version of TLS from the list of supported by a client. What browser do you use? What log is produces by the sample when connection fails? Its possible that TLS 1.2 is not supported by this browser or is implemented incorrectly.
#27125
Posted: 11/05/2013 05:10:08
by Simon Johnson (Basic support level)
Joined: 11/05/2013
Posts: 7

Could you please clarify how to alter the versions property please? The article you provided specifies the following reference 'TElSSLClient.Versions' but I cannot seem to locate this within the entire solution.
#27126
Posted: 11/05/2013 05:21:17
by Vsevolod Ievgiienko (EldoS Corp.)

The code will look this way:

Quote

TElHTTPSClient HTTPSClient;
...
HTTPSClient.Versions = SBSSLConstants.Unit.sbTLS11 | SBSSLConstants.Unit.TLS12;


The versions you need to support are combined using OR operator.
#27127
Posted: 11/05/2013 05:41:10
by Simon Johnson (Basic support level)
Joined: 11/05/2013
Posts: 7

In the quote above you reference the TELHTTPSClient. The sample does not implement the HTTPS Client.

The question in this case is how to alter the SLL versions of the Server sample, not the client. I am trying to investigate how to connect to the server, using HTTPS with TLS 1.2, with something other than your cliet example to validate that this is working correctly.

At line number 178 of ServerThread.cs in the HTTPSServer_VS2008 sample solution a m_httpsServer object is instantiated. I can access an attribute of that object called SSLVersions (which is a short). Will setting this to 16 have the desired effect of enabling TLS 1.2.

I have tried this and then tried to connect via Internet Explorer configured to use TLS 1.2 and gained the following messages in the log

Error [ Code: 75782, Fatal: True, Remote: False ]
Connection close [1]

I also gained the same error messages when connecting with Mozilla Firefox.
#27128
Posted: 11/05/2013 06:12:06
by Vsevolod Ievgiienko (EldoS Corp.)

As I wrote above the server is configured to allow TLS 1.2 by default. Indeed TElHTTPSServer.SSLVersions is the analogue of Versions property for a client and setting it to 16 will enable TLS 1.2 only (SSL3, TLS1, TLS1.1 will be disabled).

Quote
Error [code]

Do I understand right that "code" word is printed in the log literally or there is some numberic code instead? According to ServerThread.cs:DoError code this line should look differently. Do you use the latest version of SecureBlackbox and the sample?

Also I've just checked that the sample works correctly with TLS 1.2 enabled Internet Explorer 10.
#27129
Posted: 11/05/2013 06:17:00
by Simon Johnson (Basic support level)
Joined: 11/05/2013
Posts: 7

You may not have noticed but I edited my reply to display the error code as printed in the log

Error [ Code: 75782, Fatal: True, Remote: False ]

I have used Internet Explorer version 10.0.10 to try to connect to the server. The version of SecureBlackBox I have installed is October 25, 2013
Version 11.0.241. Official Release
#27130
Posted: 11/05/2013 07:05:25
by Eugene Mayevski (EldoS Corp.)

The error code is not very informative as it doesn't point at exact reason of the problem.

It seems that the issue is specific to settings (and maybe version) of your browser. Please try different browser as the first step. If it works, we'll need to get your IE settings and try to set them locally in order to reproduce the issue.


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 2452 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!