Possible problem with handshake when requesting from API

Question

0.00/5 (No votes)

See more:

Hi, I'm making a request to an API, and I'm getting this error:

"Inner: Authentication failed because the remote party sent a TLS alert: 'HandshakeFailure.
Error: The SSL connection could not be established, see inner exception."

I am working on a Windows Server 2012 R2.

The funny thing is that I installed postman and in it I have no problem to receive the API response.

This is my C# code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls13;

try
{
    var client = new HttpClient();

    var request = new HttpRequestMessage(HttpMethod.Post, "url...");
    var collection = new List<KeyValuePair<string, string>>();
    collection.Add(new("grant_type", "password"));
    collection.Add(new("username", "..."));
    collection.Add(new("password", "."));
    var content = new FormUrlEncodedContent(collection);
    request.Content = content;
    client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
    var response = await client.SendAsync(request);
    response.EnsureSuccessStatusCode();
}
catch (Exception ex)
{
    Console.WriteLine($"Inner: {ex.InnerException.Message}");
    Console.WriteLine($"Error: {ex.Message}");
}

I appreciate any help in advance!

What I have tried:

I tried adding this line
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls13;

As I saw suggested in several forums but without success.

I also tried to upgrade the .net version, I am currently using net7.

Posted 24-Mar-24 10:50am

Fercap89

Add a Solution

Comments

DaveDev 15-Apr-24 18:59pm

Were you able to figure this out?
I have accessed an API for many years from Windows Server 2012 R2. The client was in framework 4.8 and another version is .NET 6. Both started failing on March 16th.
I have spent hours on this updating registry entries, updating group policy, and updating .NET along with various combination of ServicePointManager.SecurityProtocol settings.
Everything works on my Win11 dev machine. I tried installing Postman on the server and was had success so it seems like it's related to .NET.

clarksnake yesterday

Did you find any solution?
In my case I realized that on my PC with Windows 11 it works correctly through localhost, but when publishing it on Windows Server 2012 I get the same error, in some forum I found that it is due to the Windows version and that it must be updated to at least 2016 , but I hope there is another more economical solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Pete O'Hanlon · Answer 1 · 2024-03-24T20:55:00

Solution 1

What you haven't told us is what you are running this code from. If you are running it on Windows 11 then, chances are, you have TLS13 enabled. This is not supported on Windows Server 2012 R2. To test this, remove the ServicePointManager code, and set the following registry key value to 0.

HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client\Enabled

Posted 24-Mar-24 20:55pm

Pete O'Hanlon

Comments

Fercap89 25-Mar-24 18:40pm

My code is running on a Windows Server 12 R2 server and communicates with the code of an API, I do not know what operating system will have installed the API server.
I installed wireshark and it seems that the communication is being done in TLS 1.2.

Then I tried the same with Postman (which I have also installed on the windows server and it works) and the communication is done in TLS 1.2.

The chipers in both cases are the same.