0

I'm facing an issue once I want to call HttpWebRequest and error says: The request was aborted: Could not create SSL/TLS secure channel

First of all I'm working with company have high security standards, firewalls are applied.

I have three servers, Server A: My workstation. Server B: My colleague workstation Server C: Business Team Server

The code is as below for HttpWebRequest, and it is working without errors in my workstation [ working without SecurityProtocol code ] Request to URL starting with "https"

enter image description here

Once I deploy it to my colleague server, he got an error says:

enter image description here

Then I added below two lines to the code, after we deploy it again, it is working in my colleague server.

enter image description here

Now, once I deploy it on Business server, Non of above code is working, and we got an error: The request was aborted: Could not create SSL/TLS secure channel

Kindly note I tried the below also:

enter image description here

  • Most important point is related to registry of server, I changed values of my workstation registry of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols to be same as my colleague server, then I got same error that he faced which is "the client and server cannot communicate, because they do not possess a common algorithm", once I added the code that he added "securityProtocol", then code is working fine..

I tried to change the values of Business Team server, to be same as my workstation registry values, but still we are getting same error of "The request was aborted: Could not create SSL/TLS secure channel"

Registry of Business team server values:

enter image description here

The values as below:

TLS1.0 Client DisabledByDefault 1 Enabled 0 Server DisabledByDefault 1 Enabled 0

TLS1.1 Client DisabledByDefault 0 Enabled 0 Server DisabledByDefault 0 Enabled 1

TLS1.2 Client DisabledByDefault 0 Enabled ffffffff Server DisabledByDefault 1 Enabled ffffffff

Please help, I don't know if I need to add extra code, or the error shown up related to configuration from server??

Khalid Salameh
  • 63
  • 1
  • 4
  • Look under ciphers, maybe you've disabled too much there: https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/restrict-cryptographic-algorithms-protocols-schannel – alexrait Aug 01 '21 at 14:23

1 Answers1

0

Maybe the certificates need the Network service access. You can check by:

  1. Open certificate MMC.
  2. Navigate to Certificates (Local Computer) > Personal > Certificates.
  3. Right click on your certificate and select All Tasks> Manage Private Keys… from the context menu.
  4. Set the appropriate permission.
Jiayao
  • 510
  • 3
  • 7
  • Dear Jiayao, thanks for your reply,Now ...After long time with searching and tracing the issue, the issue was related to windows server version and installation feature. The server was worked fine, it is "Windows Server 2016 R2" and the server having an issue or code was not working, it is "Windows Server 2012 R2". they advised to download "Security Advisor update manually" as per this article: https://windowsreport.com/windows-server-not-create-ssl-tls-channel/ but still same issue, is there any idea? – Khalid Salameh Aug 03 '21 at 08:07
  • If you are sure that this is the problem, you can submit the bug file to the official to see if it can be fixed. – Jiayao Aug 04 '21 at 03:03