Hi,
We have a c# code that connects to VISA VMORC API in order to download some offers. The code used to work fine but now we are getting an annoying message related to SSL/TLS secure channel. Here is a summary of the issue and what we have tried so far:
- There is a .p12 certificate installed that works fine with SOAPUI application;
- The code is from the GIT examples. We tried all combinations of ServicePointManager in order to test the connection settings:
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(AcceptAllCertifications); // returns true ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
- We have given permissions on certificate private keys to users: "Everyone", "Network Services" and IIS account;
- We installed the certificate on Windows MMC (under personal and Trusted Root Certification Authorities);
I am sending the code we are using below (without user data and passwords)
string requestURL = "https://api.visa.com/" + path; string userId = ""; string password = ""; string certificatePath = @"C:\Certificados\hvmorc.p12"; string certificatePassword = ""; statusCode = ""; LogRequest(requestURL, requestBodyString); X509Certificate2 certificate = new X509Certificate2(certificatePath, certificatePassword, X509KeyStorageFlags.Exportable); X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); // we also tried LocalMachine to no avail store.Open(OpenFlags.ReadWrite); store.Add(certificate); store.Close(); ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(AcceptAllCertifications); ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; HttpWebRequest request = WebRequest.Create(requestURL) as HttpWebRequest; request.Method = method; request.Headers["Authorization"] = GetBasicAuthHeader(userId, password); request.Headers["x-correlation-id"] = GetCorrelationId(); request.PreAuthenticate = true; request.ClientCertificates.Add(certificate); HttpWebResponse response = request.GetResponse() as HttpWebResponse;
The error we are getting is:
AcquireCredentialsHandle() failed with error 0X8009030D. Exception in HttpWebRequest#60537518:: - The request was aborted: Could not create SSL/TLS secure channel..
It seems like a certificate error, but it works with SOAP UI. Any suggestions on what to do here to debug this problem?
Thanks,
Lincon
Solved! Go to Solution
Hi Lincoln,
Please check the following. I see that you have already tried out the third option below, but please make sure if your IIS server can read the certificates .
$ openssl pkcs12 -export -out myProject_keyAndCertBundle.p12 -inkey key_63973e0f-6bae-4ae0-98b9-5f6tg153ce2e.pem -in cert.pem
Let us know what you find.
Thank you,
Jai
Hi Jai,
The solution you sent worked perfectly!
Thank you very much!!!
Lincon
Your content helped me a lot to take my doubts, thank you very much.
Hi Dorothy,
You're Welcome !! Glad it helped !!
Thanks,
Jai
I had the same issue,
My "myProject_keyAndCertBundle.p12" had working right on Soap UI, but it was not working on Visual Studio 2019, but now it is working Right.
Thanks for your help.