locked
SecurityNegotiationException when making calls to Azure Service Management API RRS feed

  • Question

  • Hi,

    We are writing a tool to interact with Azure service and in the process have hit the error "Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'management.core.windows.net'. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. "

    We have done the following:

    1. We have uploaded a cert to management certificates section of Azure hosted service

    2. We are adding a .pfx on the client to Cert store using X509Certificate2 and X509Store.

    3. Our code in brief looks like this:

         X509Store localmachinestore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
         localmachinestore.Open(OpenFlags.ReadWrite);
         X509Certificate2 certificate = new X509Certificate2(file);
         localmachinestore.Add(certificate);

    4. Our calls to azure service are failing with the above mentioned exception.

    5. If I install the pfx manually (by using certmgr mmc and use import) then things work just fine.

     I have used the tool "WinHttpCertCfg.exe" to validate that current user has access to private keys.  The client is running under local system. What am i missing when I am adding the pfx to store programmatically? any pointers will be greatly appreciated.

    thanks,

    hitesh


    Thanks, Hitesh “This posting is provided "AS IS" with no warranties, and confers no rights.”

    Tuesday, July 24, 2012 2:21 PM

Answers

  • Try using the constructor for X509Certificate2 with password for pfx file.

    X509Certificate2 certificate = new X509Certificate2(file, password);

    Hope this helps.

    Thanks

    Gaurav

    • Marked as answer by Arwind - MSFT Monday, July 30, 2012 9:04 AM
    Tuesday, July 24, 2012 3:00 PM