the request was aborted could not create ssl/tls secure channel on shared hosting server C#

asp.net asp.net-mvc c# html-agility-pack httpwebrequest

Question

We cannot access the https server usingwebrequest or htmlagilitypack the following error

The underlying connection was closed: An unexpected error occurred on a receive.System.Net.WebException: or could not create SSL/TLS secure channel on server

We updated the following section to my code file and our code runs flawlessly on localhost, but we are unable to determine why it occurs exclusively on the server.

ServicePointManager.Expect100Continue = true;

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

If anybody has any insight on this, do share it with us.

1
3
11/25/2017 8:16:05 AM

Popular Answer

Sometimes it happens because the webrequest won't accept certificates that are self-signed. I often use a singleton class. Any self-signed certificate is accepted. Whether you revealed the url you are attempting to reach, it would be easy to assess if there is a simpler alternative.

public sealed class Certificates
{
    private static Certificates instance = null;
    private static readonly object padlock = new object();

    Certificates()
    {
    }

    public static Certificates Instance
    {
        get
        {
            lock (padlock)
            {
                if (instance == null)
                {
                    instance = new Certificates();
                }
                return instance;
            }
        }
    }
    public void GetCertificatesAutomatically()
    {
        ServicePointManager.ServerCertificateValidationCallback +=
            new RemoteCertificateValidationCallback((sender, certificate, chain, policyErrors)
                => { return true; });
    }

    private static bool RemoteCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        //Return true if the server certificate is ok
        if (sslPolicyErrors == SslPolicyErrors.None)
            return true;

        bool acceptCertificate = true;
        string msg = "The server could not be validated for the following reason(s):\r\n";

        //The server did not present a certificate
        if ((sslPolicyErrors &
            SslPolicyErrors.RemoteCertificateNotAvailable) == SslPolicyErrors.RemoteCertificateNotAvailable)
        {
            msg = msg + "\r\n    -The server did not present a certificate.\r\n";
            acceptCertificate = false;
        }
        else
        {
            //The certificate does not match the server name
            if ((sslPolicyErrors &
                SslPolicyErrors.RemoteCertificateNameMismatch) == SslPolicyErrors.RemoteCertificateNameMismatch)
            {
                msg = msg + "\r\n    -The certificate name does not match the authenticated name.\r\n";
                acceptCertificate = false;
            }

            //There is some other problem with the certificate
            if ((sslPolicyErrors &
                SslPolicyErrors.RemoteCertificateChainErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
            {
                foreach (X509ChainStatus item in chain.ChainStatus)
                {
                    if (item.Status != X509ChainStatusFlags.RevocationStatusUnknown &&
                        item.Status != X509ChainStatusFlags.OfflineRevocation)
                        break;

                    if (item.Status != X509ChainStatusFlags.NoError)
                    {
                        msg = msg + "\r\n    -" + item.StatusInformation;
                        acceptCertificate = false;
                    }
                }
            }
        }

        //If Validation failed, present message box
        if (acceptCertificate == false)
        {
            msg = msg + "\r\nDo you wish to override the security check?";
            //          if (MessageBox.Show(msg, "Security Alert: Server could not be validated",
            //                       MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button1) == DialogResult.Yes)
            acceptCertificate = true;
        }

        return acceptCertificate;
    }

}

Simply invoke the method before making the appropriate web request.

Certificates.Instance.GetCertificatesAutomatically();

Additionally, if we could view the code used to create your web request, it would assist us identify the issue.

0
11/25/2017 6:26:37 PM


Related Questions





Related

Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow
Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow