System.Net.WebException when using WebClient: Can not create SSL/TLS secure channel

Question

When I execute the following code

System.Net.ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => {
    return true;
};
var webClient = new WebClient();
var s = webClient.DownloadString("https://jtlplugins.x-volution.de/api.php?apikey=yS5VS7OiG1ukiIqLzCSYuFCjeF1qSskKOQeCtVxh&do=pruefe_app&cappid=123&chardwareid=DC0D-BFEA-6F79-58DE-21E9-BA3A-B288-C46F&clizenzschluessel=123");

I always get a System.Net.WebException: Can not create SSL/TLS secure channel

When I execute this

https://jtlplugins.x-volution.de/api.php?apikey=yS5VS7OiG1ukiIqLzCSYuFCjeF1qSskKOQeCtVxh&do=pruefe_app&cappid=123&chardwareid=DC0D-BFEA-6F79-58DE-21E9-BA3A-B288-C46F&clizenzschluessel=123

for example direct in Firefox or Internet Explorer, it works and give back a result.

What should I do that this is also executed with my code like in the browser?

I have read the other posts in stackoverflow about this problem - but they are not solving my problem :-(

Answer 1

If you close fiddler (if you have it open) and add the following the exception should go away

ServicePointManager.Expect100Continue = true;                
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Or at least it did for me when i tried your code like so

try
{
     ServicePointManager.Expect100Continue = true;                
     ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

     ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

     var webClient = new WebClient();

     var s = webClient.DownloadString("https://jtlplugins.x-volution.de/api.php?apikey=yS5VS7OiG1ukiIqLzCSYuFCjeF1qSskKOQeCtVxh&do=pruefe_app&cappid=123&chardwareid=DC0D-BFEA-6F79-58DE-21E9-BA3A-B288-C46F&clizenzschluessel=123");

     MessageBox.Show("Result" + s);
}
catch(Exception ex)
{ 
  MessageBox.Show(ex.Message); 
}

• Insecure code warning - Even though i am assuming you already know this and is not why your were getting a WebException with your code, I am adding a warning for potential future readers in the decades following the original posting of this question. The code:

  System.Net.ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => { return true; };

Will ignore any certificate validation errors and therefor by definition is not exactly secure. Please see the question C# Ignore certificate errors?

Answer 2

Below is an inheritance WebClient class which resolve a lot of general problems like this...

using System;
using System.Net;
namespace YourProgram.Web
{
    public class WebClient : System.Net.WebClient
    {
        public WebClient()
        {
            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            this.container = new CookieContainer();
        }
        public WebClient(CookieContainer container)
        {
            this.container = container;
        }

        public CookieContainer CookieContainer
        {
            get { return container; }
            set { container = value; }
        }

        private CookieContainer container = new CookieContainer();

        protected override WebRequest GetWebRequest(Uri address)
        {
            WebRequest r = base.GetWebRequest(address);
            var request = r as HttpWebRequest;
            if (request != null)
            {
                request.CookieContainer = container;
            }
            return r;
        }

        protected override WebResponse GetWebResponse(WebRequest request, IAsyncResult result)
        {
            WebResponse response = base.GetWebResponse(request, result);
            ReadCookies(response);
            return response;
        }

        protected override WebResponse GetWebResponse(WebRequest request)
        {
            WebResponse response = base.GetWebResponse(request);
            ReadCookies(response);
            return response;
        }

        private void ReadCookies(WebResponse r)
        {
            var response = r as HttpWebResponse;
            if (response != null)
            {
                CookieCollection cookies = response.Cookies;
                container.Add(cookies);
            }
        }
    }
}

Enjoy...