Sabre SOAP session creation failing in .net 4.5

Question

I am building a POC (windows project) and trying to invoke sabre session create request. I have got sts url for generating WSDL, and could generated proxy class in Visual studio 2015, with .net 4.5 using link http://webservices.sabre.com/wsdl/sabreXML1.0.00/usg/SessionCreateRQ.wsdl. Now i have Sabre supllied user id and password for my company and i tried placing them in the request like suggested in post "Consuming Sabre soap services using .net" but didn't have luck, as the proxy class objects are throwing error when invoking the service at new CRT url (https://sws-crt-as.cert.havail.sabre.com) of Sabre. Exception: " System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'sws-crt-as.cert.havail.sabre.com'. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.". Here there is any inner exception (with same text as outer exception) which indicates InternalSTatus attribute of the exception as "RequestFatal". The app.config content is given here for reference as well

Please help me in point the mistake (possible in web.config/code)

  <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="SessBehavior">
          <clientCredentials>
            &lt;clientCertificate storeLocation="LocalMachine" storeName="TrustedPublisher" x509FindType="FindByThumbprint" findValue="E3FC0AD84F2F5A83ED6F86F567F8B14B40DCBF12" /><!--EV SSL CA G3-->
          &lt;/clientCredentials>
        &lt;/behavior>
      &lt;/endpointBehaviors>
    &lt;/behaviors>
    &lt;bindings>
      &lt;customBinding>
        &lt;binding name="SessionCreateSoapBinding">
          &lt;textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16" messageVersion="Soap11" writeEncoding="utf-8">
            &lt;readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
          &lt;/textMessageEncoding>
          &lt;httpsTransport maxReceivedMessageSize="20000000" maxBufferSize="20000000" maxBufferPoolSize="20000000" />
        &lt;/binding>
      &lt;/customBinding>
    &lt;/bindings>
    &lt;client>
      &lt;endpoint address="https://sws-crt-as.cert.havail.sabre.com" 
                behaviorConfiguration="SessBehavior"
                binding="customBinding"
          bindingConfiguration="SessionCreateSoapBinding" contract="SessionCreate.SessionCreatePortType"
          name="SessionCreatePortType" />
    &lt;/client>
  &lt;/system.serviceModel>

Code for creating session:

public SabreSessionInfo sabreCreateSession(string user, string pass, string pseudo, string org, bool doGetAirVendors)
{
    SabreSessionInfo inf = new SabreSessionInfo();

    try
    {
        string userName = user;
        string password = pass;

        string PCC = pseudo;

        string domain = "LA";

        DateTime dt = DateTime.UtcNow;
        string tstamp = dt.ToString("s").Replace("-","").Replace(":","") + "Z";

        SessionCreate.MessageHeader msgHeader = new SessionCreate.MessageHeader();

        msgHeader.ConversationId = tstamp; 

        SessionCreate.From from = new SessionCreate.From();
        SessionCreate.PartyId fromPartyId = new SessionCreate.PartyId();
        SessionCreate.PartyId[] fromPartyIdArr = new SessionCreate.PartyId[1];
        fromPartyId.Value = "99999"; 
        fromPartyIdArr[0] = fromPartyId;
        from.PartyId = fromPartyIdArr;
        msgHeader.From = from;

        SessionCreate.To to = new SessionCreate.To();
        SessionCreate.PartyId toPartyId = new SessionCreate.PartyId();
        SessionCreate.PartyId[] toPartyIdArr = new SessionCreate.PartyId[1];
        toPartyId.Value = "123123"; 
        toPartyIdArr[0] = toPartyId;
        to.PartyId = toPartyIdArr;
        msgHeader.To = to;

        //Add the value for eb:CPAId, which is the IPCC. 
        //Add the value for the action code of this Web service, SessionCreateRQ.

        msgHeader.CPAId = "AnyCPA";
        msgHeader.Action = "SessionCreateRQ";// Web method name
        SessionCreate.Service service = new SessionCreate.Service();
        service.Value = "Session";
        msgHeader.Service = service;

        SessionCreate.MessageData msgData = new SessionCreate.MessageData();
        msgData.MessageId = "mid:" + tstamp + "@clientofsabre.com";
        msgData.Timestamp = tstamp;
        msgHeader.MessageData = msgData;

        SessionCreate.Security security = new SessionCreate.Security();
        SessionCreate.SecurityUsernameToken securityUserToken = new SessionCreate.SecurityUsernameToken();
        securityUserToken.Username = userName;
        securityUserToken.Password = password;
        securityUserToken.Organization = org;
        securityUserToken.Domain = domain; 
        security.UsernameToken = securityUserToken; 

        SessionCreate.SessionCreateRQ req = new SessionCreate.SessionCreateRQ();
        SessionCreate.SessionCreateRQPOS pos = new SessionCreate.SessionCreateRQPOS();
        SessionCreate.SessionCreateRQPOSSource source = new SessionCreate.SessionCreateRQPOSSource();
        source.PseudoCityCode = PCC;
        pos.Source = source;
        req.POS = pos;

        SessionCreate.SessionCreatePortTypeClient clientObj = new SessionCreate.SessionCreatePortTypeClient("SessionCreatePortType");
        Task<SessionCreate.SessionCreateRQResponse> resp = clientObj.SessionCreateRQAsync(msgHeader, security, req);
        resp.Wait();

        inf.conversationID = msgHeader.ConversationId;
        inf.sabreToken = security.BinarySecurityToken;
    }
    catch (Exception ex)
    {
        System.Diagnostics.Debug.WriteLine(ex.ToString());
    }
    return inf;
}

Answer 1

TLS 1.2 on .NET 4.0 or higher
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

TLS 1.2 is not supported on .NET 3.5 so we are using a numeric representation of it
System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType)3072;

Answer 2

The problem is that the URL only accepts TLS 1.2 which might not be enabled by default.

In the class you execute the instantiated SessionCreate object, add the line below: System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

This should solve it.