none
The request was aborted: Could not create SSL/TLS secure channel. RRS feed

  • Question

  • Hi,

    We are upgrading servers BizTalk 2013 to 2016

    I'm trying send the message to API using wcf-webhttp in BizTalk 2013. Its working fine 

    But In BizTalk server 2016. We are facing issues as below

    FYI..

    I have installed BizTalk CU5 and even CU6  and feature UPdate 3 as well but no luck

    A message sent to adapter "WCF-WebHttp" on send port "Send_SVC" with URI  is suspended.  Error details: System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority  ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.

    Appreciated for your help

    Wednesday, March 6, 2019 12:07 PM

All replies

  • Hi,

    That looks like a Certificate error or a TLS1.0/1.1/1.2 incompatible version error.

    Br,

    Leo


    Did my post help? Please use "Mark as answer" or "Propose as answer". Thank you!


    Wednesday, March 6, 2019 12:21 PM
  • it is not certificate error..  It looks TLS incompatible version error.

    But BizTalk 2016 supports TLS 1.2

    and owner of API also confirm they support TLS 1.2

    My understanding, BizTalk 2016 version by default use TLS 1.2?

    if we want to use TLS 1.1, May i know what is the process?

    So, I confused, how to fix this issue.

    Wednesday, March 6, 2019 4:08 PM
  • As I understand it should fall back to TLS 1.1 if it can't use TLS 1.2 as long as you have not set the registry keys to disable it.  
    Wednesday, March 6, 2019 10:53 PM
  • Thanks for your response Colin..

    I fixed it by creating WCF custom behavior to allow all TLS versions as below..

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;

    Thanks

    Thursday, March 7, 2019 9:20 AM
  • Sounds like the API is still using SSL 3.0 if you had to add that.

    Yes, I believe .Net 4.6 only allows TLS 1.0 through to TLS 1.2 by default.

    Good that you solved it.

    Thursday, March 7, 2019 10:08 PM
  • Hi npavank,

    Can you please advise where did you add this logical code that helped you to overcome TLS issue ?

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;

    Please advise


    RH

    Sunday, September 22, 2019 10:52 PM