39497: MassTransit Cipher Compatibility

use Google Translate

Applies to: 

Last update: 06-04-2016

Summary:

MassTransit provides support for AES-128 and AES-256 encryption algorithms that are recognized as industry standard. In order to utilize these new encryption methods while maintaining connectivity to legacy MassTransit servers, ensure that your server listen and client encryption request are compatible.

Description:

If your MassTransit server is connecting securely to pre-6.0 versions of MassTransit, you may need to enable the legacy compatibility mode on your secure listens. Please consult the attached document for a compatibility matrix describing the valid combinations of encryption algorithms.

If you do encounter incompatible TCP/IP Secure encryption settings, you will generally get a clear error message describing the problem. In rare cases, the message may not provide a clear reason for failure. For example:

Connection refused because the remote machine was using an insufficient encryption level:335982795 (6776)

Subsequent connection attempts will likely produce the message:

Connection closed unexpectedly during probes.

In this case, your problem is almost certainly an incompatibility issue. Please verify using the attached compatibility matrix that your listens and ciphers are set appropriately and contact MassTransit support if you continue to have problems.

Related Document:

Tags: