The request was aborted: Could not create SSL/TLS secure channel

c# asp.net ssl httpwebrequest

I had to enable other security protocol versions to resolve the issue:

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
        | SecurityProtocolType.Tls11
        | SecurityProtocolType.Tls12
        | SecurityProtocolType.Ssl3;

I enabled logging using this code:

http://blogs.msdn.com/b/dgorti/archive/2005/09/18/471003.aspx

The log was in the bin/debug folder (I was in Debug mode for my console app). You need to add the security protocol type as SSL 3

I received an algorithm mismatch in the log. Here is my new code:

        // You must change the URL to point to your Web server.
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
        req.Method = "GET";
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;


        // Skip validation of SSL/TLS certificate
        ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };


        WebResponse respon = req.GetResponse();
        Stream res = respon.GetResponseStream();

        string ret = "";
        byte[] buffer = new byte[1048];
        int read = 0;
        while ((read = res.Read(buffer, 0, buffer.Length)) > 0)
        {
            Console.Write(Encoding.ASCII.GetString(buffer, 0, read));
            ret += Encoding.ASCII.GetString(buffer, 0, read);
        }
        return ret;

Similar to an existing answer but in PowerShell:

[System.Net.ServicePointManager]::SecurityProtocol = `
[System.Net.SecurityProtocolType]::Tls11 -bor 
[System.Net.SecurityProtocolType]::Tls12 -bor `   
[System.Net.SecurityProtocolType]::Tls -bor `
[System.Net.SecurityProtocolType]::Ssl3

Then calling Invoke-WebRequest should work.

Got this from anonymous feedback, good suggestion: Simpler way to write this would be:

[System.Net.ServicePointManager]::SecurityProtocol = @("Tls12","Tls11","Tls","Ssl3")

Found this fantastic and related post by Jaykul: Validating Self-Signed Certificates From .Net and PowerShell


This could be caused by a few things (most likely to least likely):

  1. The server's SSL certificate is untrusted by the client. Easiest check is to point a browser at the URL and see if you get an SSL lock icon. If you get a broken lock, icon, click on it to see what the issue is:

    1. Expired dates - get a new SSL certificate
    2. Name does not match - make sure that your URL uses the same server name as the certificate.
    3. Not signed by a trusted authority - buy a certificate from an authority such as Verisign, or add the certificate to the client's trusted certificate store.
    4. In test environments you could update your certificate validator to skip access checks. Don't do this in production.

  2. Server is requiring Client SSL certificate - in this case you would have to update your code to sign the request with a client certificate.

Related

BULK INSERT with identity (auto-increment) column
Join Date and Time to DateTime in C#
How can I see CakePHP's SQL dump in the controller?
remove xcode recent projects from dock menu
is there a way to highlight all the special accent characters in sublime text or any other text editor?
Iterate through files in a folder and its subfolders using Swift's FileManager
Add/remove class with jquery based on vertical scroll?
ES6 in JShint - .jshintrc has esversion, but still getting warning (using atom)
Getting error ImportMismatchError while running py.test
aspx page to redirect to a new page
Delete multiple files matching a pattern
How do I add a newline to command output in PowerShell?