WCF Disabing Weak Cipher Suites

pepcoder 1 Reputation point
2021-04-12T03:50:40.1+00:00

We are using WCF services for fetching the data from the DB to Honeywell hand held devices via 3G SIM . Security team raised a concern by saying that the application uses weak protocols below and must be deactivated.

Can someone confirm WCF protocols are being used by WCF services. Can we suggest them to deactivate it ?

  1. If WCF is using below listed weak ciphers and Protocol.
    a. Weak Cipher (TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000A), TLS_RSA_WITH_RC4_128_MD5 (0x0004) TLS_RSA_WITH_RC4_128_SHA (0x0005))
    b. Protocol (SSL v3)/
.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,369 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Peng Ding-MSFT 91 Reputation points
    2021-04-12T05:23:03.113+00:00

    Hi @pepcoder , This is related to .Net Framework, you can refer "Transport Layer Security (TLS) best practices with the .NET Framework".

    If the answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Peng Ding

    0 comments