TLS Protocol Configuration for .NET

Why this changed

The engine no longer forces ServicePointManager.SecurityProtocol to include specific protocol versions.

Explicitly listing protocols can unintentionally allow weak versions (for example SSL 3.0, TLS 1.0, TLS 1.1) and can override safer machine/runtime defaults.

For .NET Framework deployments, preferred practice is to use strong cryptography settings at the OS/.NET configuration level, not in application code.

What this means for users

Fluent does not force a minimum or maximum TLS protocol in code.
The effective TLS versions are controlled by:
- Windows Schannel policy
- .NET Framework strong cryptography settings
- Runtime defaults on the host machine

Recommended configuration

Use Microsoft guidance to enable strong cryptography and TLS 1.2 (or newer where supported):

How to enable TLS 1.2 on clients (Configuration Manager)

For customer-facing setup guidance in the Fluent ecosystem, see:

TLS FAQ (Store/Licensing)

Troubleshooting

If HTTPS connections fail after tightening TLS policies:

Confirm the target server supports TLS 1.2 or newer.
Confirm client OS and .NET Framework are patched and configured for strong cryptography.
Verify any outbound proxies or TLS inspection devices support the same protocol/cipher requirements.

Why this changed​

What this means for users​

Recommended configuration​

Troubleshooting​

Why this changed

What this means for users

Recommended configuration

Troubleshooting