The request was aborted: Could not create SSL/TLS secure channel
I finally found the answer (I haven't noted my source but it was from a search);
While the code works in Windows XP, in Windows 7, you must add this at the beginning:
// using System.Net;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
// Use SecurityProtocolType.Ssl3 if needed for compatibility reasons
And now, it works perfectly.
ADDENDUM
As mentioned by Robin French; if you are getting this problem while configuring PayPal, please note that they won't support SSL3 starting by December, 3rd 2018. You'll need to use TLS. Here's Paypal page about it.
IIS 2019: The request was aborted: Could not create SSL/TLS secure channel
Looks like this was the answer
https://trailheadtechnology.com/solving-could-not-create-ssl-tls-secure-channel-error-in-net-4-6-x/
I hope this saves someone some time and headaches
Windows 7 Could not create SSL/TLS secure channel.} System.Net.WebException
This error occurs on Windows 7 due to the TLS settings. According to Solving the TLS 1.0 Problem, 2nd Edition, TLS 1.2 is Disabled by default. Therefore, it needs to be enabled. Ensure that you've installed SP 1. Then,
Create a restore point
- Open Control Panel
- Select View by: Small icons
- Click System
- On left side, click System protection
- If protection isn't turned on for the
C:
, then click Configure to turn it on. Select desired size and click OK. - Click Create to create a restore point
- Enter desired name for restore point
- Click Create
Go to
Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows and click on Easy Fix
Copy the code/text below to a file that ends in .reg (ex: TLSFix.reg).
- Open you're favorite text editor (ex: Notepad)
- Copy the code/text below
- Save file with a ".reg" extension (ex: TLSFix.reg). Alternatively, save with a ".txt" extension. Then right-click the file and rename it so that it has a ".reg" extension.
Win 7 (64-bit):
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"SecureProtocols"=dword:00000aa8
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000
Then double click the file to add the entries to the registry. Alternatively, add each of the registry entries to the registry using regedit.
Note: The registry entries above are discussed in Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows and Transport Layer Security (TLS) registry settings.
Resources:
- Solving the TLS 1.0 Problem, 2nd Edition
- Windows and Supported TLS Versions
- Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows
- Transport Layer Security (TLS) registry settings
- Transport Layer Security (TLS) best practices with the .NET Framework
- TLS/SSL Tools and Settings
- CA5386: Avoid hardcoding SecurityProtocolType value
Could not create SSL/TLS secure channel, despite setting ServerCertificateValidationCallback
You are doing it right with ServerCertificateValidationCallback. This is not the problem you are facing. The problem you are facing is most likely the version of SSL/TLS protocol.
For example, if your server offers only SSLv3 and TLSv10 and your client needs TLSv12 then you will receive this error message. What you need to do is to make sure that both client and server have a common protocol version supported.
When I need a client that is able to connect to as many servers as possible (rather than to be as secure as possible) I use this (together with setting the validation callback):
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
Could not create SSL/TLS secure channel when deploying via MSDeply to Web App
Just to let everyone know: problem is solved by forcing net framework applications (like MS Deploy) to default to TLS1.2.
As per this article: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_net
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
Related Topics
How to Create a Dropdownlist from an Enum in ASP.NET MVC
Performance Differences Between Debug and Release Builds
Creating a Byte Array from a Stream
How to Copy the Contents of One Stream to Another
Why Is Floating Point Arithmetic in C# Imprecise
How Would You Count Occurrences of a String (Actually a Char) Within a String
One Dbcontext Per Web Request... Why
Capture Screenshot of Active Window
Await' Works, But Calling Task.Result Hangs/Deadlocks
Convert Generic List/Enumerable to Datatable
How to Make the Script Wait/Sleep in a Simple Way in Unity
Combining Two Expressions (Expression≪Func≪T, Bool≫≫)
What Is a Good Pattern For Using a Global Mutex in C#
How to Display a Decimal Value to 2 Decimal Places
Encrypting & Decrypting a String in C#