What is the equivalent of jdk.tls.maxHandshakeMessageSize in .NET?

Haga R 21 Reputation points
2021-09-08T12:12:25.04+00:00

I'm unable able to establish a two way TLS 1.2 authentication to some customer servers since they increased the size of the handshake message.

The AuthenticationException happens with both System.Net.HttpClient and System.Net.Security.SslStream :

System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted
Win32 (SChannel) Native Error Code: 0x80090326

While this problem was easily solved by setting jdk.tls.maxHandshakeMessageSize to a higher value in any java client, I can't find the same workaround for .NET.

I'm using .NET Framework 4.7.2

C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,526 questions
0 comments No comments
{count} votes

Accepted answer
  1. Lex Li (Microsoft) 5,072 Reputation points Microsoft Employee
    2021-09-08T13:45:29.943+00:00

    JDK has that settings because it is a runtime of its own.

    .NET Framework only wraps up native Windows TLS API, so to change any settings in that area, you need to modify the specific Windows registry keys,

    https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#messaging--fragment-parsing

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful