This documentation is archived and is not being maintained.

SecurityProtocolType Enumeration

Specifies the security protocols that are supported by the Schannel security package.

This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

Namespace:  System.Net
Assembly:  System (in System.dll)

'Declaration
<FlagsAttribute> _
Public Enumeration SecurityProtocolType

Member name — Description

Ssl3 — Specifies the Secure Socket Layer (SSL) 3.0 security protocol.

SSL 3.0 has been superseded by the Transport Layer Security (TLS) protocol and is provided for backward compatibility only.

Tls — Specifies the Transport Layer Security (TLS) 1.0 security protocol.

TLS assumes that a connection-oriented protocol, typically TCP, is in use. The TLS protocol is defined in IETF RFC 2246.

This enumeration defines permissible values for the SecurityProtocol property and specifies the security protocols that are used by instances of the SslStream class.

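The following code example demonstrates creating a TcpClient that uses the SslStream class to communicate with a server. The example does not set a SecurityProtocolType value itself; it rejects the connection when server certificate validation reports any policy error.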


Imports System
Imports System.Collections
Imports System.Net
Imports System.Net.Security
Imports System.Net.Sockets
Imports System.Security.Authentication
Imports System.Text
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

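Namespace Examples.System.Net
	''' <summary>
	''' Console sample: opens a TCP connection to port 443, wraps it in an SslStream,
	''' authenticates the server, sends one "&lt;EOF&gt;"-terminated message and prints the reply.
	''' </summary>
	Public Class SslTcpClient
		' Declared by the original sample; nothing in this class reads or writes it.
		Private Shared certificateErrors As New Hashtable()

		''' <summary>
		''' Certificate validation callback handed to the SslStream constructor.
		''' </summary>
		''' <param name="sender">Not used by this callback.</param>
		''' <param name="certificate">Not inspected here; the decision rests on sslPolicyErrors alone.</param>
		''' <param name="chain">Not inspected here.</param>
		''' <param name="sslPolicyErrors">Policy errors reported for the server certificate.</param>
		''' <returns>True only when no policy error was reported; otherwise False.</returns>
		Public Shared Function ValidateServerCertificate(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal sslPolicyErrors As SslPolicyErrors) As Boolean
			If sslPolicyErrors = SslPolicyErrors.None Then
				Return True
			End If

			Console.WriteLine("Certificate error: {0}", sslPolicyErrors)

			' Do not allow this client to communicate with unauthenticated servers.
			' Any policy error fails the handshake; there is no "accept anyway" branch.
			Return False
		End Function

		''' <summary>
		''' Connects to machineName on port 443, authenticates the server as serverName,
		''' sends a test message and prints the server's reply.
		''' </summary>
		''' <param name="machineName">Host running the server application.</param>
		''' <param name="serverName">Name passed to AuthenticateAsClient; it must match the name on the server certificate.</param>
		Public Shared Sub RunClient(ByVal machineName As String, ByVal serverName As String)
			' Using blocks release the socket and the stream on every exit path,
			' including exceptions thrown by Write, Flush or ReadMessage.
			Using client As New TcpClient(machineName, 443)
				Console.WriteLine("Client connected.")
				' Second argument False: disposing the SslStream also closes the client's stream.
				Using secureStream As New SslStream(client.GetStream(), False, New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)
					Try
						' NOTE(review): this one-argument overload leaves protocol selection to the
						' framework defaults and does not request certificate revocation checking.
						' The overload taking (String, X509CertificateCollection, SslProtocols, Boolean)
						' lets the caller state both explicitly.
						secureStream.AuthenticateAsClient(serverName)
					Catch e As AuthenticationException
						Console.WriteLine("Exception: {0}", e.Message)
						If e.InnerException IsNot Nothing Then
							Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
						End If
						Console.WriteLine("Authentication failed - closing the connection.")
						' Leaving the Using blocks closes the stream and the connection.
						Return
					End Try

					' Encode a test message into a byte array.
					' Signal the end of the message using the "<EOF>".
					Dim message() As Byte = Encoding.UTF8.GetBytes("Hello from the client.<EOF>")
					' Send hello message to the server.
					secureStream.Write(message)
					secureStream.Flush()
					' Read message from the server.
					Dim serverMessage As String = ReadMessage(secureStream)
					Console.WriteLine("Server says: {0}", serverMessage)
				End Using
			End Using
			Console.WriteLine("Client closed.")
		End Sub

		''' <summary>
		''' Reads from the stream until the "&lt;EOF&gt;" marker has been received or the
		''' peer closes the connection, and returns everything read as a UTF-8 string.
		''' </summary>
		''' <param name="sslStream">Authenticated stream to read from.</param>
		''' <returns>The decoded text, including the marker when it was received.</returns>
		Private Shared Function ReadMessage(ByVal sslStream As SslStream) As String
			Dim buffer(2047) As Byte
			Dim messageData As New StringBuilder()
			' One decoder for the whole message: it keeps the trailing bytes of a
			' character that is split across two reads. Creating a new decoder per
			' read, as the sample originally did, discards that state.
			Dim decoder As Decoder = Encoding.UTF8.GetDecoder()

			' NOTE(review): there is no upper bound on the message size; a peer that never
			' sends the marker keeps messageData growing until it closes the connection.
			Do
				Dim bytes As Integer = sslStream.Read(buffer, 0, buffer.Length)
				If bytes = 0 Then
					' Read returned no data: the peer closed the connection.
					Exit Do
				End If

				Dim chars(decoder.GetCharCount(buffer, 0, bytes) - 1) As Char
				Dim charCount As Integer = decoder.GetChars(buffer, 0, bytes, chars, 0)
				messageData.Append(chars, 0, charCount)

				' The marker is protocol data, so compare ordinally rather than by culture.
				If messageData.ToString().IndexOf("<EOF>", StringComparison.Ordinal) <> -1 Then
					Exit Do
				End If
			Loop

			Return messageData.ToString()
		End Function

		''' <summary>
		''' Prints the command-line usage and terminates the process with exit code 1.
		''' </summary>
		Private Shared Sub DisplayUsage()
			Console.WriteLine("To start the client specify:")
			Console.WriteLine("clientSync machineName [serverName]")
			Environment.Exit(1)
		End Sub

		''' <summary>
		''' Entry point: args(0) is the machine name, optional args(1) the certificate name.
		''' </summary>
		''' <param name="args">Command-line arguments.</param>
		''' <returns>0 after RunClient returns.</returns>
		Public Shared Function Main(ByVal args() As String) As Integer
			Dim serverCertificateName As String = Nothing
			Dim machineName As String = Nothing
			If args Is Nothing OrElse args.Length < 1 Then
				' DisplayUsage ends the process, so args(0) below is not reached without arguments.
				DisplayUsage()
			End If
			' User can specify the machine name and server name.
			' Server name must match the name on the server's certificate.
			machineName = args(0)
			If args.Length < 2 Then
				serverCertificateName = machineName
			Else
				serverCertificateName = args(1)
			End If
			SslTcpClient.RunClient(machineName, serverCertificateName)
			Return 0
		End Function
	End Class
End Namespace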



.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.