.NET C# IIS Request cancelled: Failed to create secure channel for SSL/TLS

Question

.NET C# IIS Request cancelled: Failed to create secure channel for SSL/TLS

Asked 9 years, 2 months ago

Viewed 19,908 times

8

Gentlemen,

I am trying to communicate with the recipe/SEFAZ server using an A1 certificate through an MVC5 C# application on an IIS 8 server, in the pool with my user identity. The certificate is installed and I have already performed the proper tests by connecting to the recipe directly through the Browser. However when making the request in the code I get the following error:

Request cancelled: Failed to create a secure channel for SSL/TLS.

The data of the request:

Parameters :

<xml version="1.0" encoding="UTF-8" >
 <consNFeDest versao="2.00 / 3.10" xmlns="http://www.portalfiscal.inf.br/nfe">
   <tpAmb>1</tpAmb>
   <cUF>31</cUF>
   <xServ>CONSULTAR NFE DEST</xServ>
    <CNPJ>000000000</CNPJ>
    <indNFe>0</indNFe>
   <indEmi>1</indEmi>
   <ultNSU>0</ultNSU>
</consNFeDest>
</xml>

Service : https://www.nfe.fazenda.gov.br/NFeConsultaDest/NFeConsultaDest.asmx Version : 2.00 / 3.10

Code:

var parametros = Serializar<ConsultaStatusDoServico>();
    var certificado = PegarCertificado(loja);
    var ws = new SefazMG.NfeStatusServico2();
    var cabecalho = new nfeCabecMsg() { cUF = Contexto.ConfiguracoesDaNFE.Estado.ID.ToString(), versaoDados = Contexto.ConfiguracoesDaNFE.VersaoDoServicoDeStatus };
    var xEle = new XmlDocument(); 
    xEle.LoadXml(parametros);
    XmlNode node = xEle.DocumentElement;
    ws.ClientCertificates.Add(certificado);
    ws.Url = "https://www.nfe.fazenda.gov.br/NFeConsultaDest/NFeConsultaDest.asmx";
    ws.nfeCabecMsgValue = cabecalho;
    var nfeDadosMsg = new nfeDadosMsg();
    nfeDadosMsg.Any = new XmlNode[] { xEle.ChildNodes.Item(0) };

    var sb = new StringBuilder();


    nfeDadosMsg.Any = new XmlNode[] { xEle };
    nfeDadosMsg.Any[0] = node;
    try
    {
        var resposta = ws.nfeStatusServicoNF2(nfeDadosMsg);
        sb.AppendLine("Resposta : " + Serializar(resposta));

    }catch(Exception ex)
    {
        sb.AppendLine(ex.Message);
    }

Error:

Request cancelled: Failed to create a secure channel for SSL/TLS.

Hello friend, solved your problem?

– PauloHDSousa

2016/05/24 at 13:51
Yes there was disagreement between the CNPJ and the Certificate

– Glauber A A

2016/05/31 at 14:01
where you changed the contenttype ?

– Junior

2018/01/18 at 21:30

5 answers

Browser other questions tagged c# web-service nfe

You are not signed in. Login or sign up in order to post.

by Glauber A A • **315** points · Answer 1 · 2015-11-03T16:28:33+00:00

As amazing as it seems from the error text, the cause of the problem is due to the fact that unlike other services of the same provider, it does not accept Contenttype = "Aplication/xml", only Contenttype = "text/xml".

Thank you very much for your contribution.

by Glauco Oliveira • **170** points · Answer 2 · 2018-12-11T13:56:28+00:00

Hello, I went through the same problem but trying to download a file from a site running in the background with the C#language. In order to download the file using the Getresponse() method of the Web Client, the system worked perfectly until one day it went wrong : "The request was cancelled: It was not possible to create a secure channel for SSL/TLS"

I tried all the above and nothing worked until I checked the version of the . net framework used, 4.5.2. Then I switched to the version 4.6 , only in this way I solved the problem. Returning to run again on windows server 2016 and windows 10

Note: It is possible that with a future windows update the application will stop working.

I hope I’ve helped you all.

by Fernando Meneses Gomes • **111** points · Answer 3 · 2019-08-30T12:40:26+00:00

Check if there is permission to private certificate key.

Open the certificate manager
- [windows key] + r -> mmc -> File -> Add Snap-in -> Certificates -> Computer Account
Select the certificate (which is usually in the "personal" folder). In the bar to the right of the certificate manager, select "more options" -> "all tasks" -> "manage private keys".

I don’t know for sure which user is required to give permission, but it must be the IUSR, or ASP.NET, but to check if this is what is causing you trouble, from permission to "all".

goww

by Elkin • **586** points · Answer 4 · 2015-08-28T23:30:11+00:00

Request cancelled: Failed to create secure channel for SSL/TLS. this error is quite generic and has several things that can generate it...

I already had a similar error only in my case it was because the server was not accepting or validating the HTTPS certificate.. so I created this from here that solved my problem see if it can help you...

private void AlgumLugar() {
    ServicePointManager.ServerCertificateValidationCallback 
    += new RemoteCertificateValidationCallback(AllwaysGoodCertificate);
}

private static bool AllwaysGoodCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors policyErrors) {

   return true;
}

add this here too, so it can work in windows 7 too !!:

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

take a test and see if it works... it worked for me !

by Heder John • 11 points · Answer 5 · 2020-08-08T22:10:38+00:00

I added this and it worked...

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;