Thursday, November 30, 2017

The request was aborted: could not create SSL/TLS secure channel–Part 1

A colleague asked for help with the following problem:

He has an ASP.NET MVC website that talks to an ASP.NET Web API backend. On development everything works as expected but on the acceptance environment, he suddenly start to get TLS errors when the httpclient invokes a call to the backend:

The request was aborted: Could not create SSL/TLS secure channel.

sslerror

Let’s take you through the journey that brought us to our final solution.

Part 1 – The unexpected .NET Framework update.

What we find especially strange was that it worked before, and that the errors only started to appear recently. This brought us on the path of what was recently changed. One of the things that happened was an upgrade to .NET Framework 4.6. Could it be?

In the .NET documentation we found that in .NET 4.6 the HttpClient defaults to TLS 1.2. Maybe that caused the error?

We updated our code to force the system to use TLS 1.0:

This worked but now we were using an older(less secure) TLS version. Let’s continue the investigation in another post…

No comments: