a developer's notes – a semi-technical web development BLOG

February 13, 2015

The request was aborted: Could not create SSL/TLS secure channel

Filed under: ASP.NET,C# — Duy Nguyen @ 10:14 am
Tags: , , , , , ,

We had some trouble with posting data with a System.Net.WebClient request. We notice that it was sporadic and couldn’t figure it out. What we found out was that some calls had SecurityProtocolType.Ssl3 and other calls didn’t specify SecurityProtocolType.

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

SecurityProtocolType is a static class, and what ended up happening was when one call changed the SSL type, it would affect other areas of the application. We had to explicitly set the protocol type in each request.

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls; // or Ssl3
Advertisements

1 Comment »

  1. You really want to define your ServicePointManager settings once in Application_Start. Avoid re-defining values, especially at the request-level because you can run into race conditions across requests (more likely under high volume).

    [RequestThread1] ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    [RequestThread1] Client1.MakeSomeRequest();

    [RequestThread2] ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
    [RequestThread2] Client2.MakeSomeRequest();

    Without a shared static locking mechanism in place, this can execute in unexpected orders, such as:

    [RequestThread1] ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    [RequestThread2] ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
    [RequestThread1] Client1.MakeSomeRequest(); // <– This will fail if the server only supports TLS 1.2
    [RequestThread2] Client2.MakeSomeRequest();

    Comment by scottt732 — February 24, 2017 @ 4:38 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: