Check used TLS version of .NET framework #22
Assignees
Milestone
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Introduction
NuGet is a package manager, primarily used for packaging and distributing software written using the .NET framework and since April 2020 the NuGet support for TLS 1.0/1.1 was removed permanently for security reasons.
Especially for older operating systems like Windows Server 2012R2 or Windows Server 2016 TLS 1.2 is not set as a system default. The option of using TLS 1.2 was introduced in .NET 4.5, however, it is not enabled as a communication protocol by default in 4.5. Beginning with .NET 4.6, it is enabled as a communication protocol by default. Thus, in conjunction with the appropriate registry changes, .NET 4.6+ makes it possible to use TLS 1.2 without having to make code changes to explicitly enable it.
As a result older server which do not automatically use TLS 1.2 as system default have problems connecting to a NuGet Server with PowerShell Get 2.2.5 and higher.
Solution
Check whether .NET 4.x code select the strongest available protocol by default (i.e. when a protocol is not explicitly specified in code), check if the following registry keys are existent and set like in the following:
References
https://support.microsoft.com/en-us/topic/support-for-tls-system-default-versions-included-in-the-net-framework-3-5-on-windows-server-2012-db7ff0cb-fc9e-6530-db50-6a3dfc2834ad
https://github.com/TheLevelUp/pos-tls-patcher
https://devblogs.microsoft.com/nuget/deprecating-tls-1-0-and-1-1-on-nuget-org/
The text was updated successfully, but these errors were encountered: