Do not use weak SSL protocols

Docs > Datadog Security > Code Security > Static Analysis (SAST) > SAST Rules > Do not use weak SSL protocols

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Metadata

ID: csharp-security/weak-ssl-protocols

Language: C#

Severity: Warning

Category: Security

CWE: 327

Description

Weak encryption protocols should not be used. TLS versions 1.0 and 1.1 have been deprecated. TLS 1.2 (or, even better, TLS 1.3) should be used instead.

Learn More

Non-Compliant Code Examples

using System.Net;

class MyClass {
    public static void routine()
    {
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
    }
}

Compliant Code Examples

using System.Net;

class MyClass {
    public static void routine()
    {
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls13
        
        SslProtocols = SslProtocols.Tls12
    }
}