- 1 year ago
WinHttpSetOption for HTTPS only
The WinHttpSetOption
function in Windows allows you to set various options for HTTP requests made with WinHTTP. To configure WinHTTP to work with HTTPS only, you need to set the WINHTTP_OPTION_SECURE_PROTOCOLS
option.
The WINHTTP_OPTION_SECURE_PROTOCOLS
option allows you to specify which SSL/TLS protocols are enabled for the request. To enable HTTPS only, you need to disable older SSL/TLS protocols (such as SSL 2.0 and SSL 3.0) and enable only the newer TLS protocols (TLS 1.0, TLS 1.1, and TLS 1.2).
Here's how you can use WinHttpSetOption
to configure WinHTTP to work with HTTPS only:
c#include <windows.h>
#include <winhttp.h>
int main() {
HINTERNET hSession = WinHttpOpen(L"WinHTTP Example/1.0", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
if (!hSession) {
// Handle error
return 1;
}
DWORD dwSecureProtocols = WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_0 |
WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1 |
WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2;
if (!WinHttpSetOption(hSession, WINHTTP_OPTION_SECURE_PROTOCOLS, &dwSecureProtocols, sizeof(dwSecureProtocols))) {
// Handle error
WinHttpCloseHandle(hSession);
return 1;
}
// Perform your HTTP/HTTPS requests with WinHTTP here...
WinHttpCloseHandle(hSession);
return 0;
}
In the above example, we use the WinHttpSetOption
function to set the WINHTTP_OPTION_SECURE_PROTOCOLS
option to enable TLS 1.0, TLS 1.1, and TLS 1.2 protocols while disabling older SSL protocols. This ensures that WinHTTP will only use HTTPS for secure communication.
Please note that some older systems may not support TLS 1.1 and TLS 1.2, and in such cases, you may need to modify the dwSecureProtocols
accordingly. Additionally, keep in mind that the usage of TLS 1.0 is generally discouraged due to security vulnerabilities, and it's recommended to use TLS 1.1 or TLS 1.2 instead.