12

Possible Duplicate:
The request was aborted: Could not create SSL/TLS secure channel

I am trying to send a http request with a client side certificate. The file, in this case a .p12 file. However when it reaches the line responseStream = httpRequest.GetRequestStream(); it throws a WebException: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.

I am debugging this on IIS7.5 (on windows 7), where the app pool identity is "LocalSystem".

How do i solve this problem?

 System.IO.Stream responseStream = null; string errorString = string.Empty; ; string postData = string.Empty; HttpWebRequest httpRequest = null; System.Text.Encoding Encoding = new System.Text.UTF8Encoding(); try { XmlDocument orderXml = new XmlDocument(); orderXml.Load(@"c:\xmlfile.xml"); postData = orderXml.InnerXml; byte[] byte1 = Encoding.GetBytes(postData); httpRequest = (HttpWebRequest)WebRequest.Create("https://testurl.com/SOAP_v1_0/"); httpRequest.Method = "POST"; httpRequest.Timeout = 9000; httpRequest.KeepAlive = false; httpRequest.ContentType = "text/xml; charset=" + "utf-8"; httpRequest.ContentLength = byte1.Length; X509Certificate2 certificate = new X509Certificate2(@"c:\file.p12", "password", X509KeyStorageFlags.Exportable); X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); try { store.Open(OpenFlags.ReadWrite); if (!store.Certificates.Contains(certificate)) { store.Add(certificate); } int indexOfCertificate = store.Certificates.IndexOf(certificate); certificate = store.Certificates[indexOfCertificate]; } finally { store.Close(); } httpRequest.ClientCertificates.Add(certificate); responseStream = httpRequest.GetRequestStream(); responseStream.Write(byte1, 0, byte1.Length); } catch (WebException webExcp) { errorString += "Error message: " + webExcp.Message; // Get the WebException status code. WebExceptionStatus status = webExcp.Status; if (status == WebExceptionStatus.ProtocolError) { // Get HttpWebResponse so that you can check the HTTP status code. HttpWebResponse httpResponse = (HttpWebResponse)webExcp.Response; errorString += "; The server returned protocol error " + httpResponse.StatusCode + " - " + httpResponse.StatusCode; httpResponse.Close(); } } catch (Exception e) { errorString += "Error message: " + e.Message; } finally { if (responseStream != null) { responseStream.Close(); } } }

When running with a trace log these are the lines specifing the error:

System.Net Information: 0 : [4968] SecureChannel#2399524 - Certificate is of type X509Certificate2 and contains the private key. System.Net Information: 0 : [4968] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent = Outbound, scc = System.Net.SecureCredential) System.Net Error: 0 : [4968] AcquireCredentialsHandle() failed with error 0X8009030D. System.Net Information: 0 : [4968] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent = Outbound, scc = System.Net.SecureCredential) System.Net Error: 0 : [4968] AcquireCredentialsHandle() failed with error 0X8009030D. System.Net.Sockets Verbose: 0 : [4968] Socket#59311937::Dispose() System.Net Error: 0 : [4968] Exception in the HttpWebRequest#50160154:: - The request was aborted: Could not create SSL/TLS secure channel. System.Net Error: 0 : [4968] Exception in the HttpWebRequest#50160154::EndGetRequestStream - The request was aborted: Could not create SSL/TLS secure channel.
Improve this question
5
  • Can you navigate successfully to the same URL with a browser? Does this successfully establish the SSL/TLS session? Commented Sep 7, 2012 at 12:21
  • No i get "Internet Explorer cannot display the webpage" Commented Sep 7, 2012 at 12:25
  • So look at the details via the link on the error page. You need to know why the SSL/TLS channel cannot be created. Without that information we're guessing at configuration settings on client and server. Commented Sep 7, 2012 at 12:27
  • I think I faced a problem like yours some month ago, while connecting to a partner's system. Did you get any log in the server side? They should be able to provide you some information, the handshake should be normally failing. Commented Sep 11, 2012 at 8:53
  • In my case, installing the certificates into the Windows Certificate Store solved the problem. Commented Aug 27, 2015 at 17:06

1 Answer 1

Reset to default
41

You need to create a system.net log for your app. You will need to create a myapp.exe.config config file and put the following into it.

<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.diagnostics> <trace autoflush="true" /> <sources> <source name="System.Net"> <listeners> <add name="System.Net" /> </listeners> </source> <source name="System.Net.Sockets"> <listeners> <add name="System.Net" /> </listeners> </source> <source name="System.Net.Cache"> <listeners> <add name="System.Net" /> </listeners> </source> </sources> <sharedListeners> <add name="System.Net" type="System.Diagnostics.TextWriterTraceListener" initializeData="System.Net.trace.log" /> </sharedListeners> <switches> <add name="System.Net" value="Verbose" /> <add name="System.Net.Sockets" value="Verbose" /> <add name="System.Net.Cache" value="Verbose" /> </switches> </system.diagnostics> </configuration>

If you run with this config file, it will create a logfile called system.net.trace.log. That file will have more details on why this is failing.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

updated question with the error part of the trace log
If you wan't more detailed error messages add traceOutputOptions="DateTime, ProcessId, ThreadId, Callstack" as attributes to the sharedListener System.Net. Like this: <add name="System.Net" type="System.Diagnostics.TextWriterTraceListener" traceOutputOptions="DateTime, ProcessId, ThreadId, Callstack" initializeData="System.Net.trace.log" />
a logfile where?
@johnk It will put the log file (in this example, named "System.Net.trace.log" in the directly the application is run from. For a regular Windows .exe application, probably the folder wherever your app .exe file is. For a web application, probably the root of the website folder.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.