Daniel Salzedo

My feedback

  1. 47 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  PowerShell » Microsoft.PowerShell.* Modules  ·  Flag idea as inappropriate…  ·  Admin →
    survey  ·  Zachary Alexander responded

    changing to Survey based on Joonas’ comment below – request is to have a flag to force TLS 1.2.

    Daniel Salzedo commented  · 

    I have also found this applies to the System.Net.WebClient object. If you call the DownloadFile method for an TLS URL on a server that supports only TLS v1.1 or 1.2 it will fail with this error:

    "Exception calling "DownloadFile" with "2" argument(s): "An exception occurred during a WebClient request.

    Any Powershell component that invokes a TLS connection should act like any other normal TLS client. It should negotiate the highest level of TLS available (v1.2 at present) first and then degrade down to TLS v1.1 and 1.0 only if this does not succeed. Having the ability to control this if needed via [Net.ServicePointManager]::SecurityProtocol is useful but it should not be required unless fine-grained control is needed for some reason. (BTW Thank you Joonas Tuomisto for posting that as a work-around)

    Daniel Salzedo supported this idea  · 

Feedback and Knowledge Base