2 
Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel. At line:4 char:6 + $r = Invoke-WebRequest -Uri $url + ~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

my client is facing this issue while other application trying to hit my service. i enabled TLS 1.1. and 1.2 on my server

Improve this question
4
  • d other party invoking our service and they are getting this issue... Commented Jan 23, 2019 at 15:44
  • can you post the code that is calling the web service? can you post details of how you enabled TLS 1.1 and 1.2 Commented Jan 23, 2019 at 15:57
  • it's a third party code so we dont have that code. Commented Jan 24, 2019 at 11:11
  • and in browser-->advance setting i have enabled TLS 1.1. and 1.2 Commented Jan 24, 2019 at 11:12

2 Answers 2

Reset to default
4

If the client is attempting to negotiate the request using TLS 1.0, but only TLS 1.1 and 1.2 are supported you will get this error.

Try forcing the client to utilize TLS 1.2 by adding the below code to the client's application before the request is made to your service.

PowerShell:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

C#:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

See:

Update .NET web service to use TLS 1.2

Powershell Setting Security Protocol to Tls 1.2

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Thank ypu for the reply.
0 U mean to say i should ask third party to add below code to their application before calling our service??? System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; that means the issue is on their site?? because i have enabled all TLS version on our server.
@priyankagharat Can you confirm that the error message you posted was from the client's application? Are you certain that TLS 1.0 is supported on the URL the client is trying to call? .NET versions 4.5 and older will use TLS 1.0 by default, and you stated in your question that only 1.1 and 1.2 were enabled. If this is the case you will get the error message you posted.
external application trying to cl our service .in response they are geting this iisue.
and we are using .net 4.6
2

The cause of the error is Powershell by default uses TLS 1.0 to connect to website, but website security requires TLS 1.2. You can change this behavior with running any of the below command to use all protocols. You can also specify single protocol.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3 [Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.