WEC 7.0 on Colibri VF61 with TLS 1.2 support

Hi, i come from here.
I would like to know if the update done by Microsoft for WEC7 to integrate support for TLS 1.2, is avaiable on your BSP also for the VF61 version.

Dear @EnricoPompeiani

Yes, the TLS V1.2 support is available, but only for WEC7:

I’m quoting from the post you refer to:

You can refer to the BSP release roadmap to see that this update was included in the V1.6b2 release.
However, Microsoft provided this extension only for WEC7 (and later for WEC2013), but it is not available for CE6.

I recommend to update your software to WEC7. It should be an easy switch from CE6. In the best case you won’t even notice any difference.

Regards, Andy

Hello again,

I feel the need to rephrase my Question with more details:

We developed a service application that connects and transmits data between our main application (in C++) and the Web Server provided by our clients.

The main reason this app is separated and written in C# is to manage the integration of the WSDL references needed to interface to their Web Server.

So it implicitly use the .NETCF 3.5 We installed on CE6 using the cab you distributed.

Now, the Question become:

Is the upgrade to WEC7 enough to ensure flawless TLS1.2 support (also by forcing use of TLS 1.2 in the registry), or are some other changes regarding .NET needed?

Does .NET CF support somehow the new TLS protocols and how to use them?



Dear @EnricoPompeiani
I’m afraid you probably have more experience with TLS than we do. We integrate the Microsoft components into our BSP and do basic tests whether it is working, but we hardly ever use it to write regular real-world applications.

The best thing you can do is setup a test system using WEC7 and .NETCF 3.5, and write a small application to verify whether all your required features are available and working.
To my knowledge there’s no support for anything newer than TLS 1.2 in the .NETCF.



Just wanted to quickly update and close this ticket by letting anyone that bumps into this know that there are a few solutions.
The one we decided to go for has been integrating the Rebex TLS 1.2, which is very easy to implement by simply registering their classes to be automatically used in the stack instead of the usual .NET CF ones. (but its not free).
An alternative can also be implementing mbedTLS.