0

I am calling Power school API to fetch student data. Using the below code.

public  Token GetAuthToken(string baseUrl, string authKey)
    {
        try
        {
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls13;
            var client = new HttpClient();
            client.BaseAddress = new Uri(_url);
            client.DefaultRequestHeaders
                                    .Accept
                                    .Add(new MediaTypeWithQualityHeaderValue("application/json"));
            
            var values = new Dictionary<string, string> { { "grant_type", "client_credentials" } };
            var content = new FormUrlEncodedContent(values);
            client.DefaultRequestHeaders.Add("Authorization", $"Basic {authKey}");
           var  request = new HttpRequestMessage
            {
                Method = HttpMethod.Post,
                Content = content,
            };
            request.Headers.Add("Authorization", $"Basic {authKey}");
            var response = client.PostAsync(baseUrl+ "/oauth/access_token", content).Result;

            var responseString = response.Content.ReadAsStringAsync().Result;
            var token = JsonConvert.DeserializeObject<Token>(responseString);
            return token;
            
        }
        catch (Exception e)
        {
            throw;
        }
        finally
        {
        }
    }

This code was working fine 3 months ago but now started giving error WebException: The request was aborted: Could not create SSL/TLS secure channel. I tried to post the same request from POSTMAN and it was able to connect and get data. Postman shows TLS 1.2. See the below Image enter image description here

I also tried the code generated from the POSTMAN and it was giving the same error. Below is the code generated from POSTMAN

var client = new RestClient("<MY URL HERE>");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "Basic <MY KEY HERE>");
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "client_credentials");
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);

I am using these on Windows Server 2012 R2. POSTMAN is able to connect while C# (.Net Framework 4.8) is failing. What could be the issue? I tried a combination of all TLS versions available from TLS to TLS13

EDIT When I check event logs, I am getting below error enter image description here

Dharmendra Kumar
  • 380
  • 6
  • 21
  • Have you followed *all* the instructions to enable TLS1.2 on Server 2012 R2? https://support.microsoft.com/en-gb/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392 There is no support for TLS 1.3. Also, do not specify the TLS version in your code, let the operating system handle that. Side note: `.Result` is likely to deadlock, use `await` instead. – Charlieface Sep 11 '22 at 05:09
  • Thank You @Charlieface for the response. The problem is I am calling a third-party API from my windows 2012 R2 Server and that API is giving an error. If I enable TLS 1.2 on the server, my other applications hosted on this server stops working. I tried specifying TLS without specifying the version. In both cases, it is giving TLS exceptions. I am not able to figure out why POSTMAN is able to make calls from the same server and .Net 4.8 code is giving TLS error. Also, I tried with Async/Await and without it. – Dharmendra Kumar Sep 11 '22 at 09:51
  • Well you need to get TLS1.1 enabled, it's essential for modern security. "If I enable TLS 1.2 on the server, my other applications hosted on this server stops working." I suggest you fix *that* problem, probably caused by using an outdated .NET verion, or by explicitly specifying TLS 1.1. Postman probably has internal code that does all that, maybe it uses `openssl` internally, I don't know. But .NET apps use the operating system SChannel library, which needs to be updated. – Charlieface Sep 11 '22 at 12:38
  • I am using .Net 4.8 which should handle all these. – Dharmendra Kumar Sep 11 '22 at 12:57
  • OK then that needs investigating, but like I said, you are looking at the wrong problem. The solution to *this* one is to simply enable TLS 1.2 as recommended by Microsoft some years ago. – Charlieface Sep 11 '22 at 13:11

0 Answers0