question

VijeshNair-7356 avatar image
0 Votes"
VijeshNair-7356 asked PengDing-MSFT edited

WCF Disabing Weak Cipher Suites

We are using WCF services for fetching the data from the DB to Honeywell hand held devices via 3G SIM . Security team raised a concern by saying that the application uses weak protocols below and must be deactivated.

Can someone confirm WCF protocols are being used by WCF services. Can we suggest them to deactivate it ?


  1.  If WCF is using below listed weak ciphers and Protocol. 
    

a. Weak Cipher (TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000A), TLS_RSA_WITH_RC4_128_MD5 (0x0004) TLS_RSA_WITH_RC4_128_SHA (0x0005))
b. Protocol (SSL v3)/

windows-wcf
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

PengDing-MSFT avatar image
0 Votes"
PengDing-MSFT answered PengDing-MSFT edited

Hi @VijeshNair-7356 , This is related to .Net Framework, you can refer "Transport Layer Security (TLS) best practices with the .NET Framework".




If the answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Best regards,
Peng Ding


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.