I have a .NET WebService call that is set to use TLS1.1 or higher. This works in my local development, but when i move to our development server, I receive the following error:
Could not ExecuteRequest for xxx data - - The request was aborted: Could not create SSL/TLS secure channel.
In the code i have the tls settings:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls13 | SecurityProtocolType.Ssl3;
I've verified on the server the registry settings are correct for enabling TLS1.1, 1.2, etc... by checking: *HKEYLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols[TLS 1.1, TLS 1.2]* I have the DisabledByDefault = 0 and Enabled = 1 for both "Client" and "Server" keys at these locations
In the windows system logs there is an Schannel error: EventID 36887: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
I'm not sure where to go from here. I feel like it's probably a simple setting or a registry tweak, but i'm lost now.
thanks in advance for the help
SSL3 = Specifies the Secure Socket Layer (SSL) 3.0 security protocol. SSL 3.0 has been superseded by the Transport Layer Security (TLS) protocol and is provided for backward compatibility only.
– Wiz[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
"ServerMinKeyBitLength"=dword:00000400
– Wiz