c# web-services wcf wsdl tls1.2

WCF Service + Client (TLS1.2 Issue)


Our Server has had SSLv3, TLS1.0 and TLS1.1 disabled. Due to this, Visual Studio fails when trying to Add Service Reference when trying to retrieve the WSDL.

"The underlying connection was closed: An unexpected error occurred on a send. Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. An existing connection was forcibly closed by the remote host Metadata contains a reference that cannot be resolved: An error occurred while making the HTTP request to https://mywebsite.com/Service/Service.svc?wsdl. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. The underlying connection was closed: An unexpected error occurred on a send. Authentication failed because the remote party has closed the transport stream. If the service is defined in the current solution, try building the solution and adding the service reference again."

The WSDL is accessible in the browser. The WSDL downloads okay when TLS 1.0/1.1 and SSLv3 are enabled. However, due to PCI requirements we have to disable SSLv3, TLS1.0 and TLS1.1.

I am aware of the following: System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; but am not quite sure if this would go in the connecting Console Client or the WCF Service (or both).

Any advice would be appreciated.


Solution

  • The line below needs to be in the client, as that is what is making the connection.

    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    

    As per this blog, TLS 1.2 and .NET Support: How to Avoid Connection Errors, the above will work for .NET 4.5.

    For .NET 4.6 and above it will default to TLS 1.2 and you do not need to specify TLS 1.2.

    For .NET 4.0 you need the below instead.

    System.Net.ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
    

    For .NET 3.5 or below, you need to install the appropriate Microsoft Patch for your OS (listed in the blog).
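
A console client that applies the setting from the answer above at startup and then confirms the server really negotiates TLS 1.2 before fetching the WSDL. This is an added example, not part of the original answer; it assumes .NET Framework 4.5 or later, and the host and URL are the placeholders from the question's error text.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

// Added example for .NET Framework 4.5+; Host and WsdlUrl are placeholders from the question.
internal static class Tls12ClientCheck
{
    private const string Host = "mywebsite.com";
    private const string WsdlUrl = "https://mywebsite.com/Service/Service.svc?wsdl";

    // Raw handshake restricted to TLS 1.2; returns the protocol the server agreed to.
    // SslStream takes its protocol list explicitly, so this does not depend on ServicePointManager.
    private static SslProtocols Probe(string host, int port)
    {
        using (var tcp = new TcpClient(host, port))
        using (var ssl = new SslStream(tcp.GetStream()))
        {
            ssl.AuthenticateAsClient(host, new X509CertificateCollection(), SslProtocols.Tls12, true);
            return ssl.SslProtocol;
        }
    }

    private static int Main()
    {
        // Set once at startup, before any WCF proxy or HTTPS request is created.
        // On .NET 4.0 use (SecurityProtocolType)3072 instead, as in the answer above.
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
        try
        {
            Console.WriteLine("Handshake negotiated: " + Probe(Host, 443));
            using (var web = new WebClient())
            {
                // WebClient honours ServicePointManager.SecurityProtocol, like WCF's HTTPS transport.
                string wsdl = web.DownloadString(WsdlUrl);
                Console.WriteLine("WSDL retrieved, " + wsdl.Length + " characters");
            }
            return 0;
        }
        catch (AuthenticationException ex) { Console.Error.WriteLine("TLS handshake rejected: " + ex.Message); }
        catch (IOException ex) { Console.Error.WriteLine("Connection closed during handshake: " + ex.Message); }
        catch (SocketException ex) { Console.Error.WriteLine("TCP connect failed: " + ex.Message); }
        catch (WebException ex) { Console.Error.WriteLine("WSDL request failed (" + ex.Status + "): " + ex.Message); }
        return 1;
    }
}
```

If the probe succeeds but the download fails, the TLS layer is fine and the problem lies in the HTTP request or the service itself.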