Azure api The request was aborted: Could not create SSL/TLS secure channel. http client While calling some web api

Question

Below code works fine on localhost but Getting the above error after deployed my api on microsoft azure .

My code is as follows:

public class UsersController : Controller   
{
    private readonly HttpClient _client;

    public UsersController()
    {
        ServicePointManager.Expect100Continue = true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
        _client = new HttpClient { BaseAddress = new Uri("https://pincode.saratchandra.in/api") };
        _client.DefaultRequestHeaders.Accept.Clear();
        _client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
    }

public JsonResult GetAddress(int pincode)
{
    var response     =_client.GetAsync("/pincode/125112").Result;

    //Here it throws an exception: got no response
    if (response.IsSuccessStatusCode)
    {
    }

    return Json(ApiResult.Success(), JsonRequestBehavior.AllowGet);
}

Didn't get any response for above call just get the error

The request was aborted: Could not create SSL/TLS secure channel

Answer 1

I was facing issue with a new function app deployment, I was getting the same error message -

The request was aborted: Could not create SSL/TLS secure channel.

I was using self hosted agent but when I used Microsoft hosted agent for deployment it worked. The problem was due to some missing TLS 1.2 settings and Configuring strong cryptography. I had to add below keys in the registry and of course a machine restart afterwards.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001

And it worked as a charm afterwards. Reference

Answer 2

We have been solving the same problem just today, and all you need to do is to increase the runtime version of .NET

4.5.2 didn't work for us with the above problem, while 4.6.1 was OK

<httpRuntime targetFramework="4.6.1"/>

If you need to keep the .NET version, then set

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

Answer 3

We have recently had a number of similar issues with API's.

In our case these were resolved by changing the Security Protocol Type to TLS 1.2, like so:

  ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

This appears to be a result of the deprecation of SSL, and the recommendation of the adoption of TLS 1.2 by the PCI as of the middle of 2016. See here for more

EDIT:

This works for me:

 class Program
    {
        private static HttpClient _client;
        static void Main(string[] args)
        {
            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
            _client = new HttpClient ();
            _client.DefaultRequestHeaders.Accept.Clear();
            _client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

            var response = _client.GetAsync("https://pincode.saratchandra.in/api/pincode/125112").Result;
        }
    }