Reputation: 882
Can't establish SSL/TLS secure channel with signed cert
I'm getting this error message while using the "Test connection to your bot" section on https://dev.botframework.com/.
An error occurred while sending the request. The request was aborted: Could not create SSL/TLS secure channel.
As noted in this Stack Overflow question, the bot framework does not work with self-signed certs.
However, this is not a self-signed cert. It is issued by DigiCert and my browser does not complain about it.
The endpoint is https://gem-hair.hyperdev.space/chat
EDIT: per http://social.technet.microsoft.com/wiki/contents/articles/31634.microsoft-trusted-root-certificate-program-participants-v-2016-april.aspx, DigiCert is a trusted certificate root.
Upvotes: 2
Views: 1539
Answers (1)
Reputation: 26
One of my colleague took a look. It seems that your cert requires TLS 1.2 which we don't currently support. We are working on a fix.
We do currently support TLS 1.0.
EDIT: Some clarifications. My earlier statement above about your cert is wrong. It's not your cert that requires TLS 1.2.
BotFramework endpoints supports TLS 1.0, 1.1 and 1.2 on connections inbound to it. However connections outbound from it was configured only for SSLv3 and TLS 1.0. Your "gem-hair" endpoint in Amazon EC2 is configured to only accept incoming connections with TLS 1.1 and 1.2. You can check this using https://ssllabs.com. That's why BotFramework can't reach you.
UPDATE: We updated outbound support to TLS 1.0, 1.1 and 1.2. This problem is now fixed.
Upvotes: 1
Related Questions
- Bot works in Bot Framework Emulator on local computer, but not after it's deployed to Microsoft Azure: "HTTP status code NotFound" (2nd Thread)
- Can't paste magic code in Teams bot channel
- Botframework - Bot working properly with Emulator but nothing with any published channel
- Skype Bot node.js error 500 on test connection
- Bot endpoint authentication/access blocked
- What might be preventing an EC2-hosted bot replying to messages on the Microsoft Bot Framework?