WCF TLS cipher suite

Question

Hi,

I have a requirement to specify the cipher suite to be used for transport level security on a wsHttpBinding in WCF.

I have problems finding what kind of cipher is used by default on TLS by WCF in the first place, let alone set it.

This question is due to operation in an environment where most systems are build on Java, which apparently allows for setting the cipher programmatically.

Is there any way to see what cipher is used, and even better set it to a different one?

Apologies for a possible mixup and misuse of security terms,

Update 1: I have identified the ciphers used in a WCF client-server interaction using WireShark. The client provides a list of ciphers it supports and the server selects one of the ciphers for subsequent use. I have not yet been able to programmatically define the ciphers to be used neither on the client or server side. Please let me know your experience with this.

Thanks,

Martijn

Answer 1

I don't think this is exposed publicly on any way... the issue isn't so much WCF itself, since it relies on the standard stuff implemented by HttpWebRequest and friends in the core framework.

Never tried seeing if this makes a difference, but maybe changing the SSL cipher suite policy at the machine level might make a difference.

Answer 2

According to MSDN HTTPS is provided externally to WCF which means TLS/SSL cipher suite and certificate selection are not possible programmatically. You can limit the list of available cipher suites using system wide settings if that's what you need.