I have a strange problem. I have an external dll that I have not built myself so have no access to the source code that makes calls to a web service of some kind over https and uses a .pfx certificate to authenticate. It seems to use a normal WebRequest.Create call. It works fine on my dev machine but when I move it to a QA machine (Azure VM) it fails with the error,
The request was aborted: Could not create SSL/TLS secure channel.
And in the event log it’s,
A fatal error occurred while creating a TLS client credential. The internal error state is 10013
On the server (shared by lot’s of other sites) I have checked the registry settings for
And 1.2 is enabled but all other protocols are disabled and no special settings under,
Now the fun part is that I have made a small console app that does the same thing as the website and it works fine on the server when I run it AND if I change the application pool user from the specified user to my own user that I use to connect to the server the web site also runs fine. I have not made any registry changes and I’m happy to try to get the hosting team to make the changes and try but first I want to try to understand how the application can work with one user but not with the other user if it’s registry settings that are not user specific. Or if there can be another explanation for the issue.
EDIT: We run .NET Framework 4.7.2, both for the web site and the test console app.
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
After lots of Googling we finally found a solution here, https://www.windowstechupdates.com/solved-the-request-was-aborted-could-not-create-ssl-tls-secure-channel/. All that was needed was to change the setting
Load User Profile on the application pool from
True. The default value is
True but for some reason it is set to
False in our hosting environment.
More info here also What exactly happens when I set LoadUserProfile of IIS pool?