Create Azure Storage Account using C# Throw exception “The request was aborted: Could not create SSL/TLS secure channel.”

Question

I have a method in my asp.net mvc 5 application that uses Microsoft Azure client classes (CloudContext.Clients) to create StorageManagementClient. Needs certificate to authenticate, so I created a selfsigned certificate.

On development machine everything works ok.

On azure virtual machine(windows server 2008 r2) I have imported the certificate which is found by the code as expected, but when code that creates StorageManagementClient executes an exception is thrown

Inner Exception Type: System.Net.WebException Inner Exception: The request was aborted: Could not create SSL/TLS secure channel. Inner Source: System Inner Stack Trace: at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context) at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar) Exception Type: System.Net.Http.HttpRequestException Exception: An error occurred while sending the request. Source: test Stack Trace: at Microsoft.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at Microsoft.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task) at Microsoft.WindowsAzure.StorageAccountOperationsExtensions.Create(IStorageAccountOperations operations, StorageAccountCreateParameters parameters) at ApplicationPortal.Code.DeployAzureResources.CreateStorageAccount(SubscriptionCloudCredentials credentials, String storageName) in C:\Users\DEVSYS1\Documents\Visual Studio 2017\Projects\PaSeaPortal\ApplicationPortal\Code\DeployAzureResources.cs:line 106 at ApplicationPortal.Controllers.AccountController.d__21.MoveNext() in C:\Users\DEVSYS1\Documents\Visual Studio 2017\Projects\PaSeaPortal\ApplicationPortal\Controllers\AccountController.cs:line 355

And on Event Viewer I am seeing this Error "The following fatal alert was generated: 80. The internal error state is 301."

Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. Also see Where do I post questions about Dev Ops? — jww

Tom Sun - MSFT Tom Sun - MSFT · Accepted Answer · 2017-06-09T05:56:06

I have imported the certificate which is found by the code as expected

Do you mean that you have installed the selfsigned .cer certification on the Azure virtual machine? If it is not that case, please have a try to export the cert from your develop machine and install it on the azure virtual machine. And try to use following code test it again.

public static X509Certificate2 GetCert(string thumbprint)
        {

            X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            certStore.Open(OpenFlags.ReadOnly);
            X509Certificate2Collection certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (certCollection.Count <= 0) return null;
            X509Certificate2 cert = certCollection[0];
            return cert;
        }


 var thumbprint= "cert thumbprint";
 SubscriptionCloudCredentials credentials = new CertificateCloudCredentials("subscription Id", cert);
 StorageManagementClient storageManagementClient = new StorageManagementClient(credentials);
 storageManagementClient.StorageAccounts.Get("storage name"); //only classical storage can be got.

packages.config

<?xml version="1.0" encoding="utf-8"?>
<packages>
  <package id="Hyak.Common" version="1.0.2" targetFramework="net462" />
  <package id="Microsoft.Azure.Common" version="2.0.4" targetFramework="net462" />
  <package id="Microsoft.Azure.Common.Dependencies" version="1.0.0" targetFramework="net462" />
  <package id="Microsoft.Bcl" version="1.1.9" targetFramework="net462" />
  <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net462" />
  <package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net462" />
  <package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="1.0.0" targetFramework="net462" />
  <package id="Microsoft.Net.Compilers" version="1.0.0" targetFramework="net462" developmentDependency="true" />
  <package id="Microsoft.Net.Http" version="2.2.22" targetFramework="net462" />
  <package id="Microsoft.WindowsAzure.Common" version="1.4.1" targetFramework="net462" />
  <package id="Microsoft.WindowsAzure.Common.Dependencies" version="1.1.1" targetFramework="net462" />
  <package id="Microsoft.WindowsAzure.Management.Storage" version="6.0.1" targetFramework="net462" />
  <package id="Newtonsoft.Json" version="6.0.4" targetFramework="net462" />
</packages>

If you try to creat Resource management storage account, please have try use Microsoft.Azure.Management.Fluent SDK. We also could get more demo code from github

Create Azure Storage Account using C# Throw exception “The request was aborted: Could not create SSL/TLS secure channel.”

1 Answers