Open sertunc opened 1 year ago
Hello, how can i set custom cipher suite like
`public static KestrelServerOptions ListenSera(this KestrelServerOptions options, SeraSettings seraSettings) { options.Listen(IPAddress.Parse(seraSettings.ListenIP), seraSettings.Port, listenOptions => { listenOptions.UseConnectionLimits(veraSettings.ConnectionLimit); listenOptions.UseHttps(adapterOptions => { adapterOptions.OnAuthenticate = (context, authenticationOptions) => { authenticationOptions.CipherSuitesPolicy = new CipherSuitesPolicy(new[] { TlsCipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TlsCipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, }); }; adapterOptions.SslProtocols = SslProtocols.Tls12; adapterOptions.CheckCertificateRevocation = false; adapterOptions.HandshakeTimeout = TimeSpan.FromSeconds(veraSettings.TlsHandshakeTimeout); adapterOptions.ClientCertificateMode = ClientCertificateMode.AllowCertificate; adapterOptions.ServerCertificate = new X509Certificate2(Path.Combine("certs", veraSettings.ServerCertificateFilename), veraSettings.ServerCertificatePassword); adapterOptions.AllowAnyClientCertificate(); }); listenOptions.UseConnectionLogging(); listenOptions.UseConnectionHandler(); });
return options; }
}`
Hello, how can i set custom cipher suite like
`public static KestrelServerOptions ListenSera(this KestrelServerOptions options, SeraSettings seraSettings) { options.Listen(IPAddress.Parse(seraSettings.ListenIP), seraSettings.Port, listenOptions => { listenOptions.UseConnectionLimits(veraSettings.ConnectionLimit); listenOptions.UseHttps(adapterOptions => { adapterOptions.OnAuthenticate = (context, authenticationOptions) => { authenticationOptions.CipherSuitesPolicy = new CipherSuitesPolicy(new[] { TlsCipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TlsCipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, }); }; adapterOptions.SslProtocols = SslProtocols.Tls12; adapterOptions.CheckCertificateRevocation = false; adapterOptions.HandshakeTimeout = TimeSpan.FromSeconds(veraSettings.TlsHandshakeTimeout); adapterOptions.ClientCertificateMode = ClientCertificateMode.AllowCertificate; adapterOptions.ServerCertificate = new X509Certificate2(Path.Combine("certs", veraSettings.ServerCertificateFilename), veraSettings.ServerCertificatePassword); adapterOptions.AllowAnyClientCertificate(); }); listenOptions.UseConnectionLogging(); listenOptions.UseConnectionHandler();
});
}`