Avalara Developer Network Developer avaTax

Using our C# SOAP Libs with TLS 1.2

One of the fun parts of my job is getting to field developer support requests. Besides the joy of being able to solve a customer’s problem and make them happy, I often get to fire up a development environment I’m unfamiliar with and learn something myself.

This past week, we had a question about getting Avalara’s C# SOAP library to use TLS 1.2. TL;DR If you just want the instructions with no story, visit the post on getting Avalara’s C# SOAP library to use TLS 1.2

The Story

A developer was only able to get Avalara’s AvaTax SOAP library for C# working with SSL 3.0 / TLS 1.0 and realized it was going to impact their ability to be PCI compliant. They posted a question to our community site and it got assigned to me.

I was at home when I had a chance to answer, so I fired up Visual Studio Community Edition on my machine, downloaded Avalara’s AvaTax SOAP library for C# from Github, downloaded Fiddler, and got to work.

For those of you not familiar with Fiddler, it’s a great tool for analyzing the network traffic (particularly HTTP/S) coming in and out of your machine, looking at headers and bodies of HTTP/S queries and responses, etc. It’s helped me solve a number of problems with API clients without adding debug code, because I could watch the live traffic between the client and the server.

As soon as I got the sample up and running, I could see via Fiddler’s inspection of the traffic with Avalara that it was negotiating an SSL 3.0 / TLS 1.0 connection. So I did what any good programmer does, I Googled how to implement a TLS 1.2 connection in C#. There were a number of answers that all suggested adding the System.Net assembly in the Using directives and adding the following line to my code.

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

But whenever I tried to run that, it told me that Tls12 wasn’t part of the SecurityProtocolType enum. I dug down and found that the enum only had Ssl and Tls as values. I thought for a bit and remembered that all the articles recommending this approach said that TLS 1.2 had been implemented in .Net 4.5.

Now I’m not normally a C# developer, but I was lucky enough to write the docs for a C# library that accompanied Microsoft’s first release of WebDriver for the short-lived Internet Explorer Developer Channel, and I knew from writing those docs that there were various targeting variables in the project properties (because you had to check/adjust certain variables to get WebDriver to run). I went into the project properties, and sure enough, we were targeting .Net 4.0 instead of 4.5 or higher. I upgraded that to .Net 4.5, tested the code again, and Fiddler started reporting TLS 1.2 connections.

I wrote up my response, posted it to our community site, and was able to solve that developer’s issue.

What are my top 3 takeaways for you from this?

  1. Yes, you can run our AvaTax code library for C# with TLS 1.2.
  2. Never be afraid to Google stuff. :-)
  3. If you're testing any client/server communication on Windows, be it an API client, web client, etc., download and learn how to use Fiddler. It's worth its weight in gold.

Subscribe via RSS!

Back to posts