cancel
Showing results for 
Search instead for 
Did you mean: 

Could not create SSL/TLS secure channel

We are running identical code in our test and production environments.

In production, there is no problem.

In test, after years of having no problems, we are now seeing this error message:

"System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel."

 

We just noticed this today, when testing something unrelated, so we can't say how long it has been a problem in the test environment, but certainly no more than a few months.

 

I understand from tech support that Authorize.Net updated certificates recently, but it has had no impact on our production environment, which calls into the same URL, using identical code: Snippet

https://secure.authorize.net/gateway/transact.dll

 

We have gone so far as to import cypher registry settings from the production server to the test server, and disable all of the options except TLS 1.2, yet still we get this error (again, only on our test server).

 

We are at a loss as to how we can address this, and are very concerned that we might eventually face the same problem in our production environment. Can anyone help?

 

If useful, our C# code, in relevant part:

Snippet

private static string url = "https://secure.authorize.net/gateway/transact.dll ";
 
 
		public static AuthorizeResponse SendRequest(AuthorizeRequest transaction)
		{
			string strPost = transaction.ToString();
 
			StreamWriter myWriter = null;
 
			HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(url);
			objRequest.AuthenticationLevel = System.Net.Security.AuthenticationLevel.MutualAuthRequired;
			objRequest.Method = "POST";
			objRequest.ContentLength = strPost.Length;
			objRequest.ContentType = "application/x-www-form-urlencoded";
 
			try
			{
                myWriter = new StreamWriter(objRequest.GetRequestStream(), Encoding.Default);
				myWriter.Write(strPost);
			}
			catch (Exception e)
			{       
                throw e;	
			}
			finally
			{
                if (myWriter != null)
                {
                    myWriter.Flush();
                    myWriter.Close();
                }
			}
 
			string result = string.Empty;
 
			HttpWebResponse objResponse = (HttpWebResponse)objRequest.GetResponse();

 

 

jsnyder
Member
1 ACCEPTED SOLUTION

Accepted Solutions

What  resolved the issue for us was to add the following 3 lines of code before creating the HttpWebRequest object:

 

Snippet

            const SslProtocols _Tls12 = (SslProtocols)0x00000C00;
            const SecurityProtocolType Tls12 = (SecurityProtocolType)_Tls12;
            ServicePointManager.SecurityProtocol = Tls12;

View solution in original post

jsnyder
Member
5 REPLIES 5

I am having the same issue as of today (5/9/2018) in two different accounts BUT, both are our production accounts.  The last time I had issues was in Feb when the TLS upgrade happened.  After 2 hours on the phone with a person that didn't help much, I was given to a supervisor who mentioned upgrading the .NET drivers.  So, I went to nuget and upgraded the driver....everything started working again...and has since.  I checked the .NET drivers on nuget today and they haven't been upgraded/updated since November 2017.  My guess is that they made some changes earlier this month, and somebody forgot to upgrade/update the .NET drivers in nuget.  (I know they updated the PHP SDK, because when I called for help today I was directed there.)

 

Anybody else having SSL secure channel connection issues?  We are effectively out of business until this gets resolved.  Running any type of volume of transactions manually through the Authorize.Net portal is anything but practical.

jeffdxdy
Member

Had two stressful weeks trying to solve my issue with Authorize.net.  My shopping cart worked perfectly via their Sandbox, but not when live thru my website.

 

Final solution:  make sure your site's URL's are all www or not www (new API.  That was the first problem. Second problem (that probably set the it in action), was that i had just loaded an htacess file on the site that rewrite all pages to be https.  Previously only the shopping cart checkout was https and the rest of the site was http.  That rewrite was the major problem.  Fixed these two items and all it well!

Sprovost
Member

What  resolved the issue for us was to add the following 3 lines of code before creating the HttpWebRequest object:

 

Snippet

            const SslProtocols _Tls12 = (SslProtocols)0x00000C00;
            const SecurityProtocolType Tls12 = (SecurityProtocolType)_Tls12;
            ServicePointManager.SecurityProtocol = Tls12;
jsnyder
Member

We had issues related to our https .NET application (F5 BIGIP Load balanced) where it used to break intermittently for 1 hour window. and then started working again by itself after an hour The event logs showed "Schannel Error - The TLS protocol defined fatal alert code is 40, while the application logs showed the error "HttpRequestException: The buffers supplied to a function was too small ". The issue was due to what is mentioned in the F5 article https://support.f5.com/csp/article/K40424522 and was resolved when we disabled the EDH cypher on the impacted application VIP.

The error is generic and there are many reasons why the SSL/TLS negotiation may fail. ServicePointManager.SecurityProtocol property selects the version of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol to use for new connections; existing c# connections aren't changed. Make sure the ServicePointManager settings are made before the HttpWebRequest is created, else it will not work. Also, you have to enable other security protocol versions to resolve this issue:

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
SecurityProtocolType.Tls
SecurityProtocolType.Tls11
SecurityProtocolType.Ssl3;

//createing HttpWebRequest after ServicePointManager settings

HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://google.com/api/")

 

If you create HttpWebRequest before the ServicePointManager settings it will fail and shows the error message.

 

creigmalta
Member