Make Kestrel Endpoints' "SslProtocols" settable via config

[halter73]

Is your feature request related to a problem? Please describe.

Given our recent changes to Kestrel's default supported TLS protocol versions, we should make "SslProtocols" settable via config, not just code as demonstrated in the announcement.

Describe the solution you'd like

Putting something like the following appsettings.json should configure "SslProtocols".

{
  "Kestrel": {
    "EndpointDefaults": {
      "SslProtocols": [ "Tls11", "Tls12", "Tls13" ]
    },
    "Endpoints": {
      "NamedHttpsEndpoint": {
        "Url": "https://localhost:6443",
        "SslProtocols": [ "Tls12", "Tls13" ]
      }
    }
  }
}

Additional context

#22437

[fstaffa]

I would like to tackle this issue. Do I understand it correctly that it is about parsing configuration in ConfigurationReader and then passing it correctly in KestrelConfigurationLoader ?

There are tests related to ConfigurationReader I can update, but I haven't found any tests related to KestrelConfigurationLoader. Did I miss something?

[halter73]

Thanks for taking a look.

There's https://github.com/dotnet/aspnetcore/blob/4d367898b3e904394b48f9a461a06ddb4657be07/src/Servers/Kestrel/Kestrel/test/KestrelConfigurationBuilderTests.cs. Feel free to rename it to KestrelConfigurationLoaderTests in your PR.

[fstaffa]

Thank you for a quick reply. I will rename the tests to avoid confusion and I will create an MR later this week.