Click here to Skip to main content
14,427,367 members

Dominic Burford - Professional Profile



Summary

Follow on Twitter LinkedIn      Blog RSS
6,520
Author
2,053
Authority
9,360
Debator
8
Editor
100
Enquirer
210
Organiser
2,702
Participant
I am a professional software engineer and architect with over eighteen years commercial development experience with a strong focus on the design and development of web and mobile applications.

I have experience of architecting scalable, distributed, high volume web applications that are accessible from multiple devices due to their responsive web design, including architecting enterprise service-oriented solutions. I have also developed enterprise mobile applications using Xamarin and Telerik Platform.

I have extensive experience using .NET, ASP.NET, Windows and Web Services, WCF, SQL Server, LINQ and other Microsoft technologies. I am also familiar with HTML, Bootstrap, Javascript (inc. JQuery and Node.js), CSS, XML, JSON, Apache Cordova, KendoUI and many other web and mobile related technologies.

I am enthusiastic about Continuous Integration, Continuous Delivery and Application Life-cycle Management having configured such environments using CruiseControl.NET, TeamCity and Team Foundation Services. I enjoy working in Agile and Test Driven Development (TDD) environments.

Outside of work I have two beautiful daughters. I am also an avid cyclist who enjoys reading, listening to music and travelling.

 

Reputation

For more information on Reputation please see the FAQ.

Privileges

Members need to achieve at least one of the given member levels in the given reputation categories in order to perform a given action. For example, to store personal files in your account area you will need to achieve Platinum level in either the Author or Authority category. The "If Owner" column means that owners of an item automatically have the privilege. The member types column lists member types who gain the privilege regardless of their reputation level.

ActionAuthorAuthorityDebatorEditorEnquirerOrganiserParticipantIf OwnerMember Types
Have no restrictions on voting frequencysilversilversilversilver
Bypass spam checks when posting contentsilversilversilversilversilversilvergoldSubEditor, Mentor, Protector, Editor
Store personal files in your account areaplatinumplatinumSubEditor, Editor
Have live hyperlinks in your profilebronzebronzebronzebronzebronzebronzesilverSubEditor, Protector, Editor
Have the ability to include a biography in your profilebronzebronzebronzebronzebronzebronzesilverSubEditor, Protector, Editor
Edit a Question in Q&AsilversilversilversilverYesSubEditor, Protector, Editor
Edit an Answer in Q&AsilversilversilversilverYesSubEditor, Protector, Editor
Delete a Question in Q&AYesSubEditor, Protector, Editor
Delete an Answer in Q&AYesSubEditor, Protector, Editor
Report an ArticlesilversilversilversilverSubEditor, Mentor, Protector, Editor
Approve/Disapprove a pending ArticlegoldgoldgoldgoldSubEditor, Mentor, Protector, Editor
Edit other members' articlesSubEditor, Protector, Editor
Create an article without requiring moderationplatinumSubEditor, Mentor, Protector, Editor
Approve/Disapprove a pending QuestionProtector
Approve/Disapprove a pending AnswerProtector
Report a forum messagesilversilverbronzeProtector, Editor
Approve/Disapprove a pending Forum MessageProtector
Create a new tagsilversilversilversilver
Modify a tagsilversilversilversilver

Actions with a green tick can be performed by this member.


 
GeneralFinding a solution to an Azure web app deployment problem Pin
Dominic Burford18hrs 37mins ago
professionalDominic Burford18hrs 37mins ago 
GeneralStructured Logging Pin
Dominic Burford24-Dec-19 2:28
professionalDominic Burford24-Dec-19 2:28 
GeneralEnabling TLS 1.2 on your .NET application Pin
Dominic Burford12-Dec-19 0:11
professionalDominic Burford12-Dec-19 0:11 
I recently came across an issue with several of our ASP.NET WebAPI services which were consuming a third-party set of APIs. These third-party APIs were configured to disable any requests from clients that were using TLS 1.0/1.1. Unfortunately, this included our own APIs. All requests to the third-party API were returning empty responses. After some discussion with one of the developers of the third-party APIs, he suggested the issue may be related to TLS 1.2 not being supported as he had seen the issue before.

Firstly, what is TLS? Here's a definition from a Microsoft article that describes TLS best practices with regards to the .NET Framework.
Quote:
The Transport Layer Security (TLS) protocol is an industry standard designed to help protect the privacy of information communicated over the Internet. TLS 1.2 is a standard that provides security improvements over previous versions. TLS 1.2 will eventually be replaced by the newest released standard TLS 1.3 which is faster and has improved security
- Transport Layer Security (TLS) best practices with the .NET Framework | Microsoft Docs

I was able to run the third-party APIs from our local test environment, but not when I ran them from our staging / production environments which were hosted on Azure. I had to make several changes, including code changes to the ASP.NET WebAPI services and changes to our Azure hosting environments.

As many current servers are moving towards TLS 1.2/1.3 and removing support for TLS 1.0 /1.1, connectivity issues between newer servers and older (legacy) .NET applications are becoming more common. Installing a newer version of the .NET Framework onto your development environment is not the answer. The solution is down to the version of the .NET Framework used for compiling your project. This is what actually matters when it comes to selecting the supported TLS version during the TLS handshake.

In this article I will describe the changes I have made to our Azure hosting (where our ASP.NET WebAPIs are hosted) and the code changes which enabled TLS 1.2 support.

Upgrading our Azure hosting to support TLS 1.2

More accurately the changes I have made to our Azure hosting have removed support for earlier versions of TLS i.e. TLS 1.0/1.1. Although this change was not strictly necessary to fix the problem I was experiencing, it was appropriate in terms of tightening up the security of our ASP.NET WebAPIs and to ensure that our own APIs can only be accessed by clients that support TLS 1.2. This is quite simply achieved by opening the Azure portal and navigating to the App Service hosting. From there the TLS/SSL Settings blade can be selected.

I have set this to TLS 1.2 for both our staging and production environments. This sets the minimum TLS version. Therefore our hosting environments will no longer accept requests from earlier versions of TLS.

Code changes to support TLS 1.2

Depending on what version of .NET Framework your project uses will dictate the possible solutions available to you. If your project compiles against .NET Framework >= 4.7 then you are already good to go. Applications developed in .NET Framework 4.7 or greater automatically default to whatever the operating system they run on considers safe (which currently is TLS 1.2 and will later include TLS 1.3).

If your application has been developed in a version of the .NET Framework prior to 4.7 then you have two options.

- Recompile your application using .NET Framework 4.7 or greater

- If recompiling your application is not something you can do then you can update your .config file by adding the following.
<configuration>
 <runtime>
  <AppContextSwitchOverrides value="Switch.System.Net.DontEnableSystemDefaultTlsVersions=false"/>
 </runtime>
</configuration>
Also make sure you have the following set in your .config file.
<system.web>
 <compilation targetFramework="x.y.z" />
 <httpRuntime targetFramework="x.y.z" /> <-- this is the important one!
</system.web>
It is obviously preferable if x.y.x are the same i.e. that the application is compiled against and runs against the same .NET Framework version. So in the code sample x.y.z could be 4.6.1 or some other version of .NET Framework prior to 4.7.

In the cases where recompilation is not an option and you need to update your .config file instead (as described above), this should be viewed as a temporary workaround. The preferred (and best practice) solution is to recompile your application as soon as possible.

Microsoft have put together a useful document describing the best practices relating to TLS 1.2. The advice in this document should be carefully read and understood in order to fully secure your application.

So if your application doesn't already support TLS 1.2 then it's a good idea to put aside some time to make sure it does. Ensuring your application is up-to-date in terms of security can only be a good thing.
"There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult." - C.A.R. Hoare

Home | LinkedIn | Google+ | Twitter


modified 12-Dec-19 5:22am.

GeneralThe new version of the app is (almost) ready for release Pin
Dominic Burford8-Nov-19 0:28
professionalDominic Burford8-Nov-19 0:28 
GeneralChunking your lists into multiple smaller lists Pin
Dominic Burford11-Sep-19 4:40
professionalDominic Burford11-Sep-19 4:40 
GeneralWriting flexible filters for your data using Predicates Pin
Dominic Burford16-Jul-19 7:11
professionalDominic Burford16-Jul-19 7:11 
GeneralRe: Writing flexible filters for your data using Predicates Pin
Slacker00716-Jul-19 23:09
professionalSlacker00716-Jul-19 23:09 
GeneralRe: Writing flexible filters for your data using Predicates Pin
Dominic Burford17-Jul-19 2:17
professionalDominic Burford17-Jul-19 2:17 
GeneralBlocking Asynchronous Code Pin
Dominic Burford4-Jul-19 23:11
professionalDominic Burford4-Jul-19 23:11 
GeneralDesigning and implementing flexible RESTful services Pin
Dominic Burford14-Jun-19 1:50
professionalDominic Burford14-Jun-19 1:50 
GeneralWriting asynchronous code with .NET Pin
Dominic Burford10-Jun-19 4:34
professionalDominic Burford10-Jun-19 4:34 
GeneralWeird Minification Behaviour in ASP.NET Core Pin
Dominic Burford28-May-19 4:54
professionalDominic Burford28-May-19 4:54 
GeneralThe Importance of Structure and Dilligence Pin
Dominic Burford24-May-19 7:14
professionalDominic Burford24-May-19 7:14 
GeneralWhen should you rewrite that legacy application? Pin
Dominic Burford22-May-19 1:03
professionalDominic Burford22-May-19 1:03 
GeneralImproving Your SQL Stored Procedures Pin
Dominic Burford2-May-19 6:47
professionalDominic Burford2-May-19 6:47 
GeneralPassing a list of items to a SQL stored procedure Pin
Dominic Burford27-Mar-19 1:55
professionalDominic Burford27-Mar-19 1:55 
GeneralSoftware development is like plumbing Pin
Dominic Burford8-Mar-19 6:12
professionalDominic Burford8-Mar-19 6:12 
GeneralVersioning a .NET Core 2.2 application Pin
Dominic Burford7-Mar-19 6:04
professionalDominic Burford7-Mar-19 6:04 
GeneralUsing tags with push notifications from Azure Notification Hub Pin
Dominic Burford18-Feb-19 0:21
professionalDominic Burford18-Feb-19 0:21 
GeneralSending Push Notifications with Azure Notification Hub Pin
Dominic Burford25-Jan-19 5:34
professionalDominic Burford25-Jan-19 5:34 
GeneralUnit testing a Xamarin Forms mobile app Pin
Dominic Burford13-Jan-19 22:59
professionalDominic Burford13-Jan-19 22:59 
GeneralApple development sucks Pin
Dominic Burford8-Jan-19 2:09
professionalDominic Burford8-Jan-19 2:09 
GeneralBut the tech giants are private companies Pin
Dominic Burford19-Dec-18 6:31
professionalDominic Burford19-Dec-18 6:31 
GeneralThe latest version of our app nears completion Pin
Dominic Burford7-Dec-18 3:21
professionalDominic Burford7-Dec-18 3:21 
GeneralIs Silicon Valley a force for good? Pin
Dominic Burford27-Nov-18 22:57
professionalDominic Burford27-Nov-18 22:57 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.