Error SecureChannelFailure, could not create SSL/TLS

Question

I am calling a web service using certifcates and security protocol. The application was running fine but suddenly started giving me web exception.

The request was aborted: Could not create SSL/TLS secure channel.

when I checked status code, it is SecureChannelFailure and HResult is 2146233079. The web service response is returning NULL.

Part of the code is as follows:

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

I appreciate any help.

Answer 1

A few questions that might point you in the right direction

• Maybe the certificate you are using has expired?
• Maybe you are running the client from a different computer than before which doesn't have the trusted root of the certificate installed?
• Maybe the certificate was somehow revoked?

Hope it helps!

Answer 2

It worked for me when I added certs like this

X509Store certificatesStore = new X509Store(storeName, storeLocation);
certificatesStore.Open(OpenFlags.OpenExistingOnly);
var matchingCertificates = certificatesStore.Certificates.Find(X509FindType.FindBySerialNumber, serialNumber, true);
request.ClientCertificates.Add(matchingCertificates );

Answer 3

did you get a resolution to this? I've noticed that a windows update to my windows 10 machine and the windows 2008RC servers have caused our issue. The problem we have is that we cannot quickly change the 3rd party servers from SHA1 encrypted certs.

A way around it is to uninstall the updates listed here. https://blogs.windows.com/msedgedev/2016/04/29/sha1-deprecation-roadmap/

Another way around it is to add this line of code:

System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

Ref: Could not establish trust relationship for SSL/TLS secure channel -- SOAP

However this doesn't work for us.