C#.NET Application - Could not establish secure channel for SSL/TL

G

Guest

I'm running a C#.Net application that is using the HttpWebRequest to upload
an xml file to a https site with FIPS complicancy turned on. On the
"GetRequestStream()" method I get:

"The underlying connection was closed: Could not establish secure channel
for SSL/TLS."

With FIPS turned on the secure website, only a FIPS compliant protocol can
be used. Since SSL is not FIPS compliant then only TLS can be used.
Unfortunately, this protocol is not supported in .Net Framework 1.1.
I then tried recompileing my C#.Net program in Visual Studio 2005. It
mentioned that the .NET Framework 2.0 supprted the TLS protocol. When running
the application, I encountered the same problem. Has anyone found a solution
to this problem?
 
S

Steven Cheng[MSFT]

Hi Bill,

Welcome to ASPNET newsgroup.
Regarding on the SSL/TLS connection establishing problem, it is really an
existing problem in the .NET framework implementation of the WEBRequest
component. Actually the problem is quite hard to say who has done the
thing wrong. The .net framework's webrequest component address the https
connection and for which currently SSL is widely used though TLS is the
latest standard. Anyway, I've found the following workaround form some
former cases on this problem:

In our code add the below statement before creating and using the
webrequest components....


System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
Namespace: System.Net

It will force TLS 1.0 instead of SSL V3.

Hope helps. Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)




--------------------
| Thread-Topic: C#.NET Application - Could not establish secure channel for
SSL/TL
| thread-index: AcXf/si25gClDMRqTjaAVogbgA8GCA==
| X-WBNR-Posting-Host: 158.15.248.140
| From: "=?Utf-8?B?QmlsbA==?=" <[email protected]>
| Subject: C#.NET Application - Could not establish secure channel for
SSL/TL
| Date: Wed, 2 Nov 2005 14:43:03 -0800
| Lines: 17
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135659
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I'm running a C#.Net application that is using the HttpWebRequest to
upload
| an xml file to a https site with FIPS complicancy turned on. On the
| "GetRequestStream()" method I get:
|
| "The underlying connection was closed: Could not establish secure channel
| for SSL/TLS."
|
| With FIPS turned on the secure website, only a FIPS compliant protocol
can
| be used. Since SSL is not FIPS compliant then only TLS can be used.
| Unfortunately, this protocol is not supported in .Net Framework 1.1.
| I then tried recompileing my C#.Net program in Visual Studio 2005. It
| mentioned that the .NET Framework 2.0 supprted the TLS protocol. When
running
| the application, I encountered the same problem. Has anyone found a
solution
| to this problem?
|
| --
| Bill Larson
|
 
G

Guest

It worked. Thanks!
--
Bill Larson


Steven Cheng said:
Hi Bill,

Welcome to ASPNET newsgroup.
Regarding on the SSL/TLS connection establishing problem, it is really an
existing problem in the .NET framework implementation of the WEBRequest
component. Actually the problem is quite hard to say who has done the
thing wrong. The .net framework's webrequest component address the https
connection and for which currently SSL is widely used though TLS is the
latest standard. Anyway, I've found the following workaround form some
former cases on this problem:

In our code add the below statement before creating and using the
webrequest components....


System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
Namespace: System.Net

It will force TLS 1.0 instead of SSL V3.

Hope helps. Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)




--------------------
| Thread-Topic: C#.NET Application - Could not establish secure channel for
SSL/TL
| thread-index: AcXf/si25gClDMRqTjaAVogbgA8GCA==
| X-WBNR-Posting-Host: 158.15.248.140
| From: "=?Utf-8?B?QmlsbA==?=" <[email protected]>
| Subject: C#.NET Application - Could not establish secure channel for
SSL/TL
| Date: Wed, 2 Nov 2005 14:43:03 -0800
| Lines: 17
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135659
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I'm running a C#.Net application that is using the HttpWebRequest to
upload
| an xml file to a https site with FIPS complicancy turned on. On the
| "GetRequestStream()" method I get:
|
| "The underlying connection was closed: Could not establish secure channel
| for SSL/TLS."
|
| With FIPS turned on the secure website, only a FIPS compliant protocol
can
| be used. Since SSL is not FIPS compliant then only TLS can be used.
| Unfortunately, this protocol is not supported in .Net Framework 1.1.
| I then tried recompileing my C#.Net program in Visual Studio 2005. It
| mentioned that the .NET Framework 2.0 supprted the TLS protocol. When
running
| the application, I encountered the same problem. Has anyone found a
solution
| to this problem?
|
| --
| Bill Larson
|
Click to expand...
 
S

Steven Cheng[MSFT]

You're welcome Bill,

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| Thread-Topic: C#.NET Application - Could not establish secure channel for
SS
| thread-index: AcXgiM1pEBrK8wPfT8W0AUqywxpjtg==
| X-WBNR-Posting-Host: 158.15.248.140
| From: "=?Utf-8?B?QmlsbA==?=" <[email protected]>
| References: <[email protected]>
<[email protected]>
| Subject: RE: C#.NET Application - Could not establish secure channel for
SS
| Date: Thu, 3 Nov 2005 07:11:01 -0800
| Lines: 90
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135825
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| It worked. Thanks!
| --
| Bill Larson
|
|
| "Steven Cheng[MSFT]" wrote:
|
| > Hi Bill,
| >
| > Welcome to ASPNET newsgroup.
| > Regarding on the SSL/TLS connection establishing problem, it is really
an
| > existing problem in the .NET framework implementation of the WEBRequest
| > component. Actually the problem is quite hard to say who has done the
| > thing wrong. The .net framework's webrequest component address the
https
| > connection and for which currently SSL is widely used though TLS is the
| > latest standard. Anyway, I've found the following workaround form some
| > former cases on this problem:
| >
| > In our code add the below statement before creating and using the
| > webrequest components....
| >
| >
| > System.Net.ServicePointManager.SecurityProtocol =
SecurityProtocolType.Tls;
| > Namespace: System.Net
| >
| > It will force TLS 1.0 instead of SSL V3.
| >
| > Hope helps. Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| > (This posting is provided "AS IS", with no warranties, and confers no
| > rights.)
| >
| >
| >
| >
| > --------------------
| > | Thread-Topic: C#.NET Application - Could not establish secure channel
for
| > SSL/TL
| > | thread-index: AcXf/si25gClDMRqTjaAVogbgA8GCA==
| > | X-WBNR-Posting-Host: 158.15.248.140
| > | From: "=?Utf-8?B?QmlsbA==?=" <[email protected]>
| > | Subject: C#.NET Application - Could not establish secure channel for
| > SSL/TL
| > | Date: Wed, 2 Nov 2005 14:43:03 -0800
| > | Lines: 17
| > | Message-ID: <[email protected]>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:135659
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > |
| > | I'm running a C#.Net application that is using the HttpWebRequest to
| > upload
| > | an xml file to a https site with FIPS complicancy turned on. On the
| > | "GetRequestStream()" method I get:
| > |
| > | "The underlying connection was closed: Could not establish secure
channel
| > | for SSL/TLS."
| > |
| > | With FIPS turned on the secure website, only a FIPS compliant
protocol
| > can
| > | be used. Since SSL is not FIPS compliant then only TLS can be used.
| > | Unfortunately, this protocol is not supported in .Net Framework 1.1.
| > | I then tried recompileing my C#.Net program in Visual Studio 2005. It
| > | mentioned that the .NET Framework 2.0 supprted the TLS protocol. When
| > running
| > | the application, I encountered the same problem. Has anyone found a
| > solution
| > | to this problem?
| > |
| > | --
| > | Bill Larson
| > |
| >
| >
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure 4
The underlying connection was closed: Could not establish secure channel for SSL/TLS 1
The underlying connection was closed: Could not establish secure channel for SSL/TLS. 7
Could not establish secure channel for SSL/TLS 3
Erratic SSL Error: Could not establish secure channel for SSL/TLS 7
Could not establish secure channel for SSL/TLS 0
Could not establish secure channel for SSL/TLS 1
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure 0

Members online

No members online now.
Total: 25 (members: 0, guests: 25)
Robots: 450

Forum statistics

Threads
473,768
Messages
2,569,574
Members
45,048
Latest member
verona

Latest Threads

Top