I use WCF with TLS encryption and disable TLS in registry, but I can still communicate normally. Why?

Shirley 21 Reputation points

I have an application which uses WCF with TLS encryption.
Client side:
NetTcpBinding Bindings = new NetTcpBinding();
Bindings.MaxReceiveMessageSize = 2147483647;
Bindings.Security.Transport.SslProtocols = SslProtocols.Tls12;
Bindings.Security.Mode = SecurityMode.Transport;

Server side is the same.
I use two Windows 10 21H2 machines as client and server.
First, I enabled TLS 1.2 through the registry, and the client and server worked fine.
Second, I disabled TLS 1.2 on both machines and restarted them.
When I tested, I found that the client and server could still work.
My question is: why, with TLS 1.2 disabled and only TLS 1.2 encryption set in the code, can the program still encrypt successfully?


1 answer

  1. AgaveJoe 22,631 Reputation points

    According to the docs...

    If you want to configure security with the registry, don't specify a security protocol value in your code; doing so overrides the registry setting.

    Transport Layer Security (TLS) best practices with the .NET Framework

    Usually when testing TLS you disable SSL and TLS 1.0 and 1.1 on the servers. Then make sure the code still works.
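
A registry check for the situation in this thread, added here as an example and not taken from the question, the answer or Microsoft's documentation: it reports the Schannel TLS 1.2 values and the .NET Framework values that the quoted guidance refers to, so you can see what the "disable" step actually wrote. The function names and the wording of the Meaning column are this example's own assumptions.

```powershell
# Added example (not from the thread). Key and value names are the ones in
# Microsoft's TLS registry documentation; the Meaning text is this example's
# reading of them and should be checked against that documentation.
$proto = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
$netFx = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
         'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319'

function Get-RegDword {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, so the built-in default applies.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Get-Tls12SchannelState {
    param([ValidateSet('Client', 'Server')][string]$Role)
    $enabled = Get-RegDword -Path "$proto\$Role" -Name 'Enabled'
    $dbd     = Get-RegDword -Path "$proto\$Role" -Name 'DisabledByDefault'
    $meaning = if ($enabled -eq 0) {
        'TLS 1.2 is turned off for this role'
    } elseif ($dbd -eq 1) {
        'TLS 1.2 is only left out of the default set; code that names it can still negotiate it'
    } elseif ($null -eq $enabled -and $null -eq $dbd) {
        'nothing set; OS default applies'
    } else {
        'TLS 1.2 is enabled'
    }
    [pscustomobject]@{ Role = $Role; Enabled = $enabled; DisabledByDefault = $dbd; Meaning = $meaning }
}

function Get-NetFxTlsSetting {
    foreach ($path in $netFx) {
        [pscustomobject]@{
            Key                      = $path
            SchUseStrongCrypto       = Get-RegDword -Path $path -Name 'SchUseStrongCrypto'
            SystemDefaultTlsVersions = Get-RegDword -Path $path -Name 'SystemDefaultTlsVersions'
        }
    }
}

'Client', 'Server' | ForEach-Object { Get-Tls12SchannelState -Role $_ } | Format-List
# These two values only take effect when the code leaves the protocol unset,
# which is the point of the documentation quoted in the answer.
Get-NetFxTlsSetting | Format-List
```

Run it on both the client and the server machine, since each side reads its own role's subkey.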