• State Not Answered
  • Replies 5 replies
  • Subscribers 96 subscribers
  • Views 6567 views
  • Users 0 members are here
Options
Related

The request was aborted: Could not create SSL/TLS secure channel.

jernej rezec
over 2 years ago

Hi all,

I have an issue with the Rest API call where I need to provide the certificate (it is the authentication API). I have checked this and other forums, but I can not solve the issue  I was able to establish the connection in the Synchronization Editor editor and via Postman, but I have an issue in the VB script where I need this authentication call for some other operations. I tested the same script in my local environment and it worked fine. The version in my environment is 8.1.2, on the customer environment, where I am trying to establish script was version 8.1.1 but after the issue, we have updated it to 8.1.4. .NET version is on both systems 4.7.2, the only difference in the environment is that I have Visual Studio installed on mine (maybe there is a difference in the system dll version?). I am also attaching the code

Public Function CCC_POST_ApiRequestCert(ByVal ThumbPrint As String, ByVal URL As String, ByVal myDataJSON As String, ByVal Action As String) As String
	' cert prereq
    ServicePointManager.Expect100Continue = True

	ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls Or SecurityProtocolType.Tls11 Or SecurityProtocolType.Tls12

	System.Net.ServicePointManager.ServerCertificateValidationCallback =
		Function(se As Object,
			  cert As System.Security.Cryptography.X509Certificates.X509Certificate,
			  chain As System.Security.Cryptography.X509Certificates.X509Chain,
			  sslerror As System.Net.Security.SslPolicyErrors) True

	Dim myReq As HttpWebRequest
	Dim myResp As HttpWebResponse

	Try
		myReq = DirectCast(WebRequest.Create(URL), HttpWebRequest)

		' GET cert
		Dim microcopCert As X509Certificate2 = Nothing
		Dim store As New X509Store(StoreName.My, StoreLocation.LocalMachine)
		store.Open(OpenFlags.[ReadOnly])
		microcopCert = store.Certificates.Find(X509FindType.FindByThumbprint, ThumbPrint, False)(0)
		myReq.ClientCertificates.Add(microcopCert)

        ' request
		myReq.Method = "POST"
		myReq.ContentType = "application/json"
		myReq.Accept = "application/json"

		myReq.GetRequestStream.Write(System.Text.Encoding.UTF8.GetBytes(myDataJSON), 0, System.Text.Encoding.UTF8.GetBytes(myDataJSON).Count)

		myResp = DirectCast(myReq.GetResponse, HttpWebResponse)

        ' pares token
		For Each cookie As String In myResp.Headers("Set-Cookie").Split({";"}, StringSplitOptions.None)
			If cookie.Contains("ss-id") Then
				Return cookie.Substring(cookie.IndexOf("=") + 1)
			End If
		Next
		Return String.Empty
	Catch ex As WebException
		Throw New Exception("Action: " + Action + Environment.NewLine + "Error: " + ex.Message)
	Catch ex As Exception
		Throw New Exception("Action: " + Action + Environment.NewLine + "Error: " + ex.Message)
	End Try

	Return String.Empty
End Function

Parents
  • 0 over 2 years ago

    This worked for me:

    Dim intmStore As New X509Store(StoreName.My, StoreLocation.LocalMachine)
intmStore.Open(OpenFlags.ReadOnly)
Dim certv As X509Certificate2

Try
    certv = intmStore.Certificates.Find(X509FindType.FindBySerialNumber, CertificateSN, True)(0)
Catch
    Throw New ViException("Couldn't find any certificate.")
End Try

    Make sure that the certificate is present in the user that runs the service's Certificate Store..

  • 0 over 2 years ago in reply to henrik a johansson

    I get the right certificate out of the store. I was able to confirm that by using the MsgBox and output information of the certificate (I know it is a bit odd method for debugging, but I don’t have Visual Studio in the customer environment). I believe it is not sent correctly or something like that. Setup of the certificate (certificate is in the LocalMachine -> Personal) and user permissions are the same on customer and my environment (I am an admin on both computers, system users have the same rights)

Reply
  • 0 over 2 years ago in reply to henrik a johansson

    I get the right certificate out of the store. I was able to confirm that by using the MsgBox and output information of the certificate (I know it is a bit odd method for debugging, but I don’t have Visual Studio in the customer environment). I believe it is not sent correctly or something like that. Setup of the certificate (certificate is in the LocalMachine -> Personal) and user permissions are the same on customer and my environment (I am an admin on both computers, system users have the same rights)

Children