Menu
I'm getting an SSL error when making a SOAP call with an SSL certificate:
The request was aborted: Could not create SSL/TLS secure channel.
The weird thing is that if I load the certificate in Firefox and visit the endpoint or make a call to the API without sending any data, I don't get any error message and it connects successfully. The company exposing the API has also mentioned that the certificate is kosher.
The certificate I'm loading has full privileges to "Everyone". I've tried every solution I've seen on the internet but still getting the error.
Here is my code that creates the request:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var request = (HttpWebRequest)WebRequest.Create(plugin.EndPoint);
request.ContentType = "text/xml; charset=utf-8";
request.Method = "POST";
The code to get the certificate (I've also tried with a pfx):
var cert = new
509Certificate2(@"C:\clientcert.p12", "FakePassword");
request.ClientCertificates.Add(cert);
and the code for the request:
byte[] byteArray = Encoding.UTF8.GetBytes(xml);
request.ContentLength = byteArray.Length;
using (var dataStream = request.GetRequestStream())
{
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
using (WebResponse response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
StreamReader reader =
new StreamReader(responseStream ?? throw new InvalidOperationException());
return reader.ReadToEnd();
}
}
}
Edit:
Here is the trace output from running the request:
System.Net Information: 0 : [11844] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=CertUnknown). System.Net Error: 0 : [11844] Exception in HttpWebRequest#63832831:: - The request was aborted: Could not create SSL/TLS secure channel.. System.Net Error: 0 : [11844] Exception in HttpWebRequest#63832831::EndGetRequestStream - The request was aborted: Could not create SSL/TLS secure channel..
I also changed the SecurityProtocol:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
Second Edit: I can get it to work in SoapUI but not in the .NET application by just loading the SSL certificate from the file system in SOAP UI.
416
The error “The request was aborted: Could not create SSL/TLS secure channel.” can happen during any download HTTP request. This error generally will correspond to firewalls, proxies or DNS filtering blocking the connection or an SSL/TLS cipher misconfiguration.
However, the "Could not create SSL/TLS secure channel" error usually means that there's something wrong with the server certificate, e.g. the certificate is for a different hostname, or otherwise invalid, or not trusted etc.
To solve this error, you must ensure . NET Framework is using SSL/TLS 1.1 on Windows settings. There are two options for solving this: editing the Windows registry or reinstalling the . NET Framework.
A common reason you may receive the error Could not establish trust relationship for the SSL/TLS secure channel is because the SSL certificate isn't trusted. If the SSL certificate is not trusted, you will need to install the SSL certificate's root certificate.
Out of interest, your app is using the TLS 1.0, 1.1 and 1.2 protocols, but is its use enabled in Internet Explorer?
If it's not in the web.config, add it
<appSettings>
<add key="SecurityProtocol" value="Tls12" />
</appSettings>
Then also check it's enabled in IE in the advanced settings tab: "Use TLS 1.2"
192
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
