0

when teamcity runs powershell script, that calls soap service with next certificate settings (from this link Powershell v3 Invoke-WebRequest HTTPS error ) :

add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
    public bool CheckValidationResult(
        ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem) {
        return true;
    }
}
"@
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

when it runs for the very first time by teamcity, it failed with an error:

"The request was aborted: Could not create SSL/TLS secure channel." ---> System.Net.WebException: The 
  request was aborted: Could not create SSL/TLS secure channel.
     at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
     at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
     at CallSite.Target(Closure , CallSite , Object , network )

but when I run again script manually after teamcity, it works fine. I'm confused why this can happen.

Nikolas
  • 2,322
  • 9
  • 33
  • 55
  • 1
    So manual works all the time and from teamcity it never works? Did you run it manually from the server where teamcity is deployed? – Lieven Keersmaekers Aug 19 '20 at 09:04
  • @LievenKeersmaekers , both answers are yes. – Nikolas Aug 19 '20 at 09:52
  • it both is running with the same user I assume? At that point, I'd start looking at procmon or network traces and work out the differences – Lieven Keersmaekers Aug 19 '20 at 10:50
  • Have you tried googling the error message itself? It will give you some pointers. One suggestions e.g. was `[ServicePointManager]::SecurityProtocol = 3072` for older .NET versions.. – marsze Aug 19 '20 at 12:05
  • do you have some good articles about network tracing? – Nikolas Aug 19 '20 at 15:42
  • @marsze, I'm not sure, maybe .Net version is 3.1 – Nikolas Aug 19 '20 at 15:42
  • 1
    I had a similar issue. Enabled 1.0,1.1,1.2, and one page would fail. That site only supported 1.0, and was fine with just 1.0 in protocols, but not all 3. Worth a shot. – Dallas Oct 29 '20 at 07:10

0 Answers0