aspnet / AspNetKatana

Microsoft's OWIN implementation, the Katana project
Apache License 2.0

How to verify negotiated TLS version on the server? #387

Closed amithegde closed 3 years ago

amithegde commented 3 years ago

I am looking for a way to extract the negotiated TLS version from a request in middleware. I noticed the IOwinContext and Request objects do not have this information, so I am guessing it somehow needs to be included before the request reaches the middleware.

For IIS and ASP.NET with global.asax, the IIS team exposed a few server variables to surface this information, and this SO answer shows how to extract the information from the request.

Any ideas if this is possible?

Tratcher commented 3 years ago

Are you using IOwinContext on IIS? If so then you can still get to the server variables. https://stackoverflow.com/a/30813296/2588374

If you're using Self-host / HttpListener then the TLS information is not available.
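As an added example (not code from the thread or from the Katana project), here is what reading the server variables through IOwinContext looks like when Katana runs under IIS via Microsoft.Owin.Host.SystemWeb. It assumes that the SystemWeb host stores the System.Web context under the OWIN key `System.Web.HttpContextBase`, and that IIS reports the negotiated protocol in the `CRYPT_PROTOCOL` server variable as the hex SChannel `SP_PROT_*` flag (0x40 TLS 1.0 server, 0x100 TLS 1.1, 0x400 TLS 1.2, 0x1000 TLS 1.3); the variable name and flag values should be checked against the IIS build in use. The OWIN key `example.TlsVersion` is a name chosen here.

```csharp
using System;
using System.Globalization;
using System.Threading.Tasks;
using System.Web;
using Microsoft.Owin;
using Owin;

// Middleware that reads the TLS protocol IIS negotiated for this request and
// refuses to serve anything below TLS 1.2. Only meaningful on the IIS host;
// under self-host the System.Web context is absent and the version is unknown.
public class TlsVersionMiddleware : OwinMiddleware
{
    // Assumption: CRYPT_PROTOCOL carries the SChannel SP_PROT_*_SERVER flag as hex.
    private const int Tls10Server = 0x40;
    private const int Tls11Server = 0x100;
    private const int Tls12Server = 0x400;
    private const int Tls13Server = 0x1000;

    public TlsVersionMiddleware(OwinMiddleware next) : base(next) { }

    public override async Task Invoke(IOwinContext context)
    {
        // Assumption: key under which Microsoft.Owin.Host.SystemWeb exposes HttpContextBase.
        var httpContext = context.Get<HttpContextBase>("System.Web.HttpContextBase");
        var raw = httpContext?.Request.ServerVariables["CRYPT_PROTOCOL"];
        var version = ParseProtocol(raw);

        // Make the result available to downstream middleware (custom key, our choice).
        context.Set("example.TlsVersion", version);

        if (version != null && version < new Version(1, 2))
        {
            // The handshake already completed under the weak protocol, so this only
            // declines to serve the request. To stop weak handshakes altogether,
            // disable the old protocols in SChannel rather than relying on this check.
            context.Response.StatusCode = 403;
            context.Response.ContentType = "text/plain";
            await context.Response.WriteAsync("TLS 1.2 or later is required.");
            return;
        }

        await Next.Invoke(context);
    }

    // Maps the raw server variable to a Version; null when unavailable or unrecognised.
    public static Version ParseProtocol(string raw)
    {
        int flags;
        if (string.IsNullOrEmpty(raw) ||
            !int.TryParse(raw, NumberStyles.HexNumber, CultureInfo.InvariantCulture, out flags))
        {
            return null;
        }

        if ((flags & Tls13Server) != 0) return new Version(1, 3);
        if ((flags & Tls12Server) != 0) return new Version(1, 2);
        if ((flags & Tls11Server) != 0) return new Version(1, 1);
        if ((flags & Tls10Server) != 0) return new Version(1, 0);
        return null;
    }
}

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Register first so every later middleware sees the TLS check.
        app.Use<TlsVersionMiddleware>();

        app.Run(ctx =>
        {
            var tls = ctx.Get<Version>("example.TlsVersion");
            return ctx.Response.WriteAsync("Negotiated TLS: " + (tls?.ToString() ?? "unknown"));
        });
    }
}
```

When `System.Web.HttpContextBase` is missing from the environment (self-host), `ParseProtocol` returns null and the request passes through, which matches the thread's point that the information is simply not available there.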

amithegde commented 3 years ago

Hi @Tratcher, I am using self-host and not IIS in front of it. Our current setup does not come with IIS and we can't install IIS, so I'm trying to use self-host. Also, since we are on .NET 4.6.2, we can't use the features of ASP.NET Core which seem to allow extracting the negotiated TLS version (or at least rejecting weak TLS negotiation).

I was looking through the AspNetKatana codebase and noticed that IOwinContext is generated from HttpContextBase which makes me wonder if there is a way to include additional environment variables here by extracting it from the raw request. Any pointers on this?

Tratcher commented 3 years ago

In self-host there's no solution for you here. It would require new public APIs from .NET's HttpListener to expose that information. It works in AspNetCore because we replaced HttpListener and added those APIs.

That HttpContextBase code path is only used in IIS.

The only way you'll get access to this information in your current setup is through ETW traces, not in the application.

amithegde commented 3 years ago

Thanks for the details @Tratcher

For completeness, here is how to enable SChannel event logging - https://stackoverflow.com/a/25090724
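As an added example (not part of the thread), the registry switch behind SChannel event logging and a reader for the resulting System-log events, in C# to match the rest of the page. It assumes the documented `HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\EventLogging` DWORD with bits 1 (errors), 2 (warnings) and 4 (informational/success), that SChannel events appear in the System log under the provider name `Schannel`, and that on recent Windows versions the successful-handshake event's description includes the negotiated protocol version; those details should be verified on the target OS. Writing the registry value requires an elevated process.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics.Eventing.Reader;
using Microsoft.Win32;

// Turn on SChannel event logging and read back what it recorded.
// This is an out-of-process view: it tells you which protocol versions
// were negotiated on the box, not which request each one belonged to.
public static class SchannelLogging
{
    // Assumption: documented registry location of the EventLogging switch.
    private const string KeyPath = @"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL";
    public const int LogErrors = 0x1;
    public const int LogWarnings = 0x2;
    public const int LogInformational = 0x4;

    public static int GetEventLoggingLevel()
    {
        using (var key = Registry.LocalMachine.OpenSubKey(KeyPath))
        {
            var value = key?.GetValue("EventLogging");
            return value is int ? (int)value : 0;
        }
    }

    // Enables error, warning and informational/success events (value 7).
    // Needs administrative rights; a restart may be needed before it takes effect.
    public static void EnableFullLogging()
    {
        using (var key = Registry.LocalMachine.CreateSubKey(KeyPath))
        {
            key.SetValue("EventLogging", LogErrors | LogWarnings | LogInformational,
                         RegistryValueKind.DWord);
        }
    }

    // Returns the most recent SChannel events (newest first) as formatted lines.
    public static List<string> ReadRecentEvents(int max)
    {
        var lines = new List<string>();
        // Structured XPath filter: only the Schannel provider in the System log.
        var query = new EventLogQuery("System", PathType.LogName,
                                      "*[System[Provider[@Name='Schannel']]]")
        {
            ReverseDirection = true
        };

        using (var reader = new EventLogReader(query))
        {
            EventRecord record;
            while (lines.Count < max && (record = reader.ReadEvent()) != null)
            {
                using (record)
                {
                    // FormatDescription renders the localized message, which for a
                    // successful handshake includes the protocol version (assumption).
                    lines.Add(string.Format("{0:u} id={1} level={2} {3}",
                        record.TimeCreated, record.Id, record.Level,
                        record.FormatDescription()));
                }
            }
        }
        return lines;
    }

    public static void Main()
    {
        var level = GetEventLoggingLevel();
        Console.WriteLine("SCHANNEL EventLogging = " + level);
        if ((level & LogInformational) == 0)
        {
            Console.WriteLine("Informational logging off; enabling (requires elevation).");
            EnableFullLogging();
        }
        foreach (var line in ReadRecentEvents(20))
        {
            Console.WriteLine(line);
        }
    }
}
```

Because these events are emitted per handshake rather than per HTTP request, correlating them with application traffic on a busy server is approximate; the practical use is confirming whether clients still negotiate TLS 1.0 or 1.1 before disabling those protocols in SChannel.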