diff --git a/duo_api_csharp/Duo.cs b/duo_api_csharp/Duo.cs
index bc38e92..5b8ea18 100644
--- a/duo_api_csharp/Duo.cs
+++ b/duo_api_csharp/Duo.cs
@@ -4,6 +4,7 @@
*/
using System;
+using System.Configuration;
using System.Collections.Generic;
using System.IO;
using System.Net;
@@ -38,6 +39,20 @@ public class DuoApi
private RandomService randomService;
private bool sslCertValidation = true;
private X509CertificateCollection customRoots = null;
+
+ // TLS 1.0/1.1 deprecation effective June 30, 2023
+ // Of the SecurityProtocolType enum, it should be noted that SystemDefault is not available prior to .NET 4.7 and TLS 1.3 is not available prior to .NET 4.8.
+ private static SecurityProtocolType SelectSecurityProtocolType
+ {
+ get
+ {
+ SecurityProtocolType t;
+ if (!Enum.TryParse(ConfigurationManager.AppSettings["DuoAPI_SecurityProtocolType"], out t))
+ return SecurityProtocolType.Tls12;
+
+ return t;
+ }
+ }
/// Duo integration key
/// Duo secret key
@@ -273,6 +288,8 @@ StreamReader reader
private HttpWebRequest PrepareHttpRequest(String method, String url, String auth, String date,
String cannonParams, int timeout)
{
+ ServicePointManager.SecurityProtocol = SelectSecurityProtocolType;
+
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.ServerCertificateValidationCallback = GetCertificatePinner();
request.Method = method;
diff --git a/duo_api_csharp/duo_api_csharp.csproj b/duo_api_csharp/duo_api_csharp.csproj
index e5ab47e..86f8272 100644
--- a/duo_api_csharp/duo_api_csharp.csproj
+++ b/duo_api_csharp/duo_api_csharp.csproj
@@ -35,6 +35,7 @@
+
@@ -56,4 +57,4 @@
-
\ No newline at end of file
+