Error when opening a SSL connection with httpclient

Question

0.00/5 (No votes)

See more:

When sending a request with the HttpClient class, we always get the 'The request was aborted: Could not create SSL/TLS secure channel' error. The code is part of a library and has successfully accessed other services before. That's why I suspect that something about the specific service we are trying to access is different and the question is how to identify that difference. The error message is not really helpful in that regard.

What I have tried:

The following code was compiled under .NET famework 4.5.1. I have read that switching to a higher framework version might fix the problem. I have NOT tried this yet, because this library is only part of a much larger solution and a version change involves a little more than just changing a setting in the current project.

This is how the HttpClient is initialized:

C#

protected override void Initialize()
{
    base.Initialize();

    ServicePointManager.Expect100Continue = true;
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    //ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | 
SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | 
SecurityProtocolType.Tls12;

    handler = new HttpClientHandler()
    {
        ClientCertificateOptions = ClientCertificateOption.Automatic,
        UseDefaultCredentials = false,
        PreAuthenticate = false,
        Credentials = new NetworkCredential
                      (Parameter.Name, Parameter.Password)
    };

    client = new HttpClient(handler)
    {
        Timeout = new TimeSpan(0, 1, 0)
    };

    client.DefaultRequestHeaders.Accept.Add
    (new MediaTypeWithQualityHeaderValue("application/json"));

     Result.Succeeded = true;
}

Posted 31-Aug-23 2:02am

CodeWraith

Updated 13-Sep-23 4:04am

Deeksha Shenoy

v2

Add a Solution

Comments

Dave Kreskowiak 31-Aug-23 8:23am

It may work on the newer .NET, but I would check to see what protocols the server supports before making any changes to the code. If the server doesn't support TLS1.2, changing the code isn't going to do you any good.

All versions of SSL, and TLS 1.0 and 1.1, are all considered broken today. The minimum you/servers should be using is TLS 1.2.

Richard Deeming 31-Aug-23 8:30am

Transport Layer Security (TLS) best practices with the .NET Framework - .NET Framework | Microsoft Learn[^]

But as Dave said, you need to know what protocols the remote server supports. You can use something like Qualys SSL Server Test[^] to determine that.

CodeWraith 15-Sep-23 4:28am

Just a little update: It's working now, but it was a bit of trial and error. We had no choice but to 'fix by update'. Anything higher than framework version 4.5.1 would work without any further code changes. Thanks for the help.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)