janbrasna
commented
1 month ago Only protocols seem to be supported in appsettings.json configuration — and for cipher suites in code there's:
"On Linux
xref:System.Net.Security.CipherSuitesPolicycan be used to filter TLS handshakes on a per-connection basis: " kestrel/endpoints.md#configure-tls-cipher-suites-filter-in-code
Not sure if it's currently worth it, maybe generating the settings with a comment linking to docs how to filter in actual app code? 🤷
New ASP.NET Core applications use the Kestrel HTTP Server by default, unless hosted in IIS.
It is possible to configure TLS protocols used by Kestrel, both in code and in configuration files. However, I do not know whether or not it is possible to configure actual cipher suites.
Would it be possible for the SSL config generator to support Kestrel?