The Request Was Aborted: Could Not Create Ssl/Tls Secure Channel

The request was aborted: Could not create SSL/TLS secure channel

I finally found the answer (I haven't noted my source but it was from a search);

While the code works in Windows XP, in Windows 7, you must add this at the beginning:

// using System.Net;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
// Use SecurityProtocolType.Ssl3 if needed for compatibility reasons

And now, it works perfectly.


ADDENDUM

As mentioned by Robin French; if you are getting this problem while configuring PayPal, please note that they won't support SSL3 starting December 3rd, 2018. You'll need to use TLS. Here's PayPal's page about it.

IIS 2019: The request was aborted: Could not create SSL/TLS secure channel

Looks like this was the answer
https://trailheadtechnology.com/solving-could-not-create-ssl-tls-secure-channel-error-in-net-4-6-x/

I hope this saves someone some time and headaches

Windows 7 Could not create SSL/TLS secure channel.} System.Net.WebException

This error occurs on Windows 7 due to the TLS settings. According to Solving the TLS 1.0 Problem, 2nd Edition, TLS 1.2 is disabled by default. Therefore, it needs to be enabled. Ensure that you've installed SP 1. Then,

Create a restore point

  • Open Control Panel
  • Select View by: Small icons
  • Click System
  • On left side, click System protection
  • If protection isn't turned on for the C:, then click Configure to turn it on. Select desired size and click OK.
  • Click Create to create a restore point
  • Enter desired name for restore point
  • Click Create

Go to

Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows and click on Easy Fix

Copy the code/text below to a file that ends in .reg (ex: TLSFix.reg).

  • Open your favorite text editor (ex: Notepad)
  • Copy the code/text below
  • Save file with a ".reg" extension (ex: TLSFix.reg). Alternatively, save with a ".txt" extension. Then right-click the file and rename it so that it has a ".reg" extension.

Win 7 (64-bit):

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"SecureProtocols"=dword:00000aa8

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

Then double click the file to add the entries to the registry. Alternatively, add each of the registry entries to the registry using regedit.

Note: The registry entries above are discussed in Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows and Transport Layer Security (TLS) registry settings.

Resources:

  • Solving the TLS 1.0 Problem, 2nd Edition
  • Windows and Supported TLS Versions
  • Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows
  • Transport Layer Security (TLS) registry settings
  • Transport Layer Security (TLS) best practices with the .NET Framework
  • TLS/SSL Tools and Settings
  • CA5386: Avoid hardcoding SecurityProtocolType value

Could not create SSL/TLS secure channel, despite setting ServerCertificateValidationCallback

You are doing it right with ServerCertificateValidationCallback. This is not the problem you are facing. The problem you are facing is most likely the version of SSL/TLS protocol.

For example, if your server offers only SSLv3 and TLSv10 and your client needs TLSv12 then you will receive this error message. What you need to do is to make sure that both client and server have a common protocol version supported.

When I need a client that is able to connect to as many servers as possible (rather than to be as secure as possible) I use this (together with setting the validation callback):

  ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
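To find which protocol versions this client and a given server actually have in common, and to separate protocol failures from certificate failures as the answer above describes, each version can be tried on its own. This is an added example, not code from the original answer; the host name `server.example` and the class name `TlsProbe` are placeholders.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;

static class TlsProbe
{
    // Attempts one handshake restricted to a single protocol version and
    // reports the outcome. Results are limited by what the local Schannel
    // configuration allows, so a rejection can come from either side.
    static string Probe(string host, int port, SslProtocols protocol)
    {
        SslPolicyErrors certErrors = SslPolicyErrors.None;
        try
        {
            using (var tcp = new TcpClient(host, port))
            // The callback only records certificate errors so they can be
            // reported separately; the probe sends no application data.
            using (var ssl = new SslStream(tcp.GetStream(), false,
                (sender, cert, chain, errors) => { certErrors = errors; return true; }))
            {
                ssl.AuthenticateAsClient(host, null, protocol, false);
                return "accepted (" + ssl.CipherAlgorithm + "), certificate errors: " + certErrors;
            }
        }
        catch (AuthenticationException ex) { return "handshake rejected: " + ex.Message; }
        catch (Win32Exception ex) { return "Schannel error: " + ex.Message; }
        catch (IOException ex) { return "connection closed during handshake: " + ex.Message; }
        catch (SocketException ex) { return "TCP connect failed: " + ex.Message; }
    }

    static void Main(string[] args)
    {
        string host = args.Length > 0 ? args[0] : "server.example"; // placeholder host
        int port = args.Length > 1 ? int.Parse(args[1]) : 443;
        var versions = new[] { SslProtocols.Tls, SslProtocols.Tls11, SslProtocols.Tls12 };
        foreach (var version in versions)
            Console.WriteLine("{0,-6} {1}", version, Probe(host, port, version));
    }
}
```

A version reported as accepted with certificate errors other than `None` points at the certificate chain rather than the protocol setting.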

Could not create SSL/TLS secure channel when deploying via MSDeploy to Web App

Just to let everyone know: the problem is solved by forcing .NET Framework applications (like MS Deploy) to default to TLS 1.2.

As per this article: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_net

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001

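To confirm that the values from the Windows 7 .reg file and the .NET Framework keys above are present for both 64-bit and 32-bit processes, they can be read back from both registry views. This is an added example, not code from the original answers; the class and method names are illustrative, and the expected values are the ones shown on this page.

```csharp
using System;
using Microsoft.Win32;

static class TlsRegistryAudit
{
    // Returns true when HKLM\<subKey>\<name> holds the expected DWORD in the given view.
    static bool Check(RegistryView view, string subKey, string name, int expected)
    {
        using (var hklm = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, view))
        using (var key = hklm.OpenSubKey(subKey))
        {
            object value = key == null ? null : key.GetValue(name);
            bool ok = value is int && (int)value == expected;
            Console.WriteLine("{0,-10} {1} {2}\\{3} (found: {4}, expected: 0x{5:x})",
                view, ok ? "ok  " : "FAIL", subKey, name, value ?? "missing", expected);
            return ok;
        }
    }

    static int Main()
    {
        const string schannel =
            @"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client";
        const string winHttp =
            @"SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp";
        string[] netKeys = { @"SOFTWARE\Microsoft\.NETFramework\v2.0.50727",
                             @"SOFTWARE\Microsoft\.NETFramework\v4.0.30319" };
        bool all = true;

        // SYSTEM is not redirected, so one view is enough for the Schannel key.
        all &= Check(RegistryView.Registry64, schannel, "Enabled", 1);
        all &= Check(RegistryView.Registry64, schannel, "DisabledByDefault", 0);

        // SOFTWARE is redirected: Registry32 is what 32-bit processes see (Wow6432Node).
        foreach (var view in new[] { RegistryView.Registry64, RegistryView.Registry32 })
        {
            all &= Check(view, winHttp, "DefaultSecureProtocols", 0xa00);
            foreach (string netKey in netKeys)
            {
                all &= Check(view, netKey, "SystemDefaultTlsVersions", 1);
                all &= Check(view, netKey, "SchUseStrongCrypto", 1);
            }
        }
        return all ? 0 : 1; // non-zero exit code when any value is missing or different
    }
}
```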
