Here is what I have discovered so far.
Initial server setup:
Server: Windows 2008 R2
IIS: 7.5
.NET: 4.0
AbleCommerce GOLD: R5 (WSP) with modifications
Using WireShark, I could see that the calls to UPS and FedEx were using TLS 1.0.
Disabled TLS 1.0 client in the Windows registry: connection attempts failed.
Installed .NET 4.5.2 on server (TLS 1.0 client still disabled in registry): connection attempts failed.
Added this code in Application_Start in Global.asax (TLS 1.0 client still disabled in registry, .NET 4.5.2 still installed):
Code: Select all
System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType)3072; //in .NET 4.5, this is System.Net.SecurityProtocolType.Tls12;
Now rates are returned (UPS and FedEx), Wireshark shows TLS 1.2.
Note that I did not change the target of the AC project to .NET 4.5. Therefore, I had to cast the correct value to System.Net.SecurityProtocolType instead of using the constant System.Net.SecurityProtocolType.Tls12, which isn't defined in .NET 4.0.
I don't know what the results would be with Windows Server 2012+, IIS 8+, AC Gold R6+ unmodified install, etc.
EDIT: added clarification that changes were carried through at each step, specified where in Global.asax I added code.