SslSettings Class

Name	Description
SslAcceptAllCertificates	Specifies whether to accept all server certificates by default. This is strongly discouraged in production environment.
SslAllowedCurves	Gets or sets the group of allowed elliptic curves (for ECDHE cipher suites).
SslAllowedSuites	Gets or sets the group of allowed TLS/SSL cipher suites.
SslAllowedVersions	Gets or sets allowed TLS/SSL versions.
SslAllowVulnerableSuites	Gets or sets a value indicating whether vulnerable ciphers might be enabled using SslAllowedSuites property.
SslChannelBindingEnabled	Enables or disables secure channel binding. Only supported on Windows.
SslClientCertificateRequestHandler	Gets or sets TLS/SSL client certificate request handler.
SslDoNotInsertEmptyFragment	Do not send empty record after successful handshake with CBC ciphers.
SslEnableSilentClosure	Enables or disables the requirement for the other side of the connection to send closure alert (close_notify messages). This is in violation of the RFC and potentially opens the communication to truncation attack, but unfortunately it's needed when communicating with some broken TLS servers. When set to null, a behavior suitable for the application protocol is used, depending o whether the protocol is self-terminated. Only applies to TLS 1.2 or lower.
SslExtendedMasterSecretEnabled	Enables or disables extended master secret extension.
SslMinimumDiffieHellmanKeySize	Gets or sets the minimum allowed size (in bits) of the ephemeral Diffie-Hellman prime. Valid values are from 512 to 16384, inclusive.
SslRenegotiationExtensionEnabled	Enables or disables renegotiation indication extension. This option is deprecated, please use SslRenegotiationMode instead.
SslRenegotiationMode	Sets allowed renegotiation mode.
SslServerCertificateValidationOptions	Gets or sets validation options to use when validating a server certificate using the default certificate validator. This value is passed as Options as well.
SslServerCertificateVerifier	Gets or sets TLS/SSL server certificate verifier.
SslServerName	Gets or sets TLS/SSL server's common name.
SslServerNameIndicationEnabled	Enables and disables server name indication.
SslSession	Gets or sets a TLS/SSL session to resume.
SslStrictKeyUsageValidation	Gets or sets a key usage check mode for server certificate.
UseDefaultDomain	Specifies whether to use default domain or NULL domain for SSPI if domain not specified.

Methods

Name	Description
GetNamedGroups()	Returns an enumerator that yields allowed named groups, in order of preference, for TLS 1.3.
GetPreferredSuites()	Gets collection of TLS cipher suites that are used (in given order) in preference to the remaining suites specified by SslAllowedSuites. Only applies to TLS 1.2 or earlier. For TLS 1.3, use GetSymmetricCipherSuites() method.
GetPskKeyExchangeModes()	Returns an enumerator that yields allowed pre-shared key exchange modes for TLS 1.3.
GetSignatureSchemes()	Returns an enumerator that yields allowed signature schemes in order of preference.
GetSymmetricCipherSuites()	Gets an enumeration of allowed symmetric cipher suites for TLS 1.3 and their order. See SetSymmetricCipherSuites(TlsSymmetricCipherSuite[]) for more info.
SetNamedGroups(TlsNamedGroup[])	Sets allowed named groups, in order of preference, for TLS 1.3.
SetPreferredSuites(TlsCipherSuite[])	Sets TLS cipher suites to be used in preference to the remaining suites specified by SslAllowedSuites. Only applies to TLS 1.2 or earlier. For TLS 1.3, use SetSymmetricCipherSuites(TlsSymmetricCipherSuite[]) method.
SetPskKeyExchangeModes(TlsPskKeyExchangeMode[])	Sets allowed pre-shared key exchange modes for TLS 1.3.
SetSignatureSchemes(TlsSignatureScheme[])	Sets allowed signature schemes in order of preference.
SetSymmetricCipherSuites(TlsSymmetricCipherSuite[])	Specifies a list of allowed symmetric cipher suites for TLS 1.3 and their order. For TLS 1.2 and lower, use SslAllowedSuites property instead.
ToParameters()	Gets an instance of TlsParameters corresponding to these settings.