The request was aborted: Could not create SSL/TLS secure channel

[yaronguez]

All of our API calls are failing with the error: The request was aborted: Could not create SSL/TLS secure channel

There was an existing issue with this but it's closed as won't fix: https://github.com/danesparza/MailChimp.NET/issues/129

This SDK worked for us for weeks with no problem and suddenly started universally failing in both local dev environment and production. MailChimp support hasn't been able to solve it. Any help is much appreciated, thanks!

NOTE: when stepping through the code, copying the endpoint, serializing the arguments and pasting both into Postman to make the REST API call manually, it works perfectly. The issue only occurs within the SDK. We're using Azure Emulator if that's a factor.

[danesparza]

Sorry @yaronguez -- I have never heard of this before and can't repro this behavior. I honestly have no idea what might be going on. What's the simplest call you can get working locally? It might help to use the source code (instead of the assembly) and hack on that to see if you can get a simple SSL connection to work. (For example, does the ping method work?)

[yaronguez]

I've been able to reproduce this behavior bypassing the SDK altogether and just making a direct HTTP request to MailChimp in a basic console app: https://gist.github.com/yaronguez/36b02908590602ccb6b7

As you can see from the above, setting the ServicePointManager.SecurityProtocol from the default of SecurityProtocolType.Tls | SecurityProtocolType.SSL3 to SecurityProtocolType.Tls12 solves the problem. I'm trying to figure out how to set this by default in the registry but so far no luck: http://stackoverflow.com/questions/28286086/default-securityprotocol-in-net-4-5

[devlife]

Any update on this? I have the same issue.

[yaronguez]

@devlife , explicitly enabling TLS 1.2 in code solves the problem: ServicePointManager.SecurityProtocol = ServicePointManager.SecurityProtocol | SecurityProtocolType.Tls12

[devlife]

Hmm I tried that and it didn't work. I was running the powershell commands here: https://azure.microsoft.com/en-us/blog/how-to-disable-ssl-3-0-in-azure-websites-roles-and-virtual-machines/. I ended up having to comment out the calls to the Set-CryptoSetting. To get it to work.

[danesparza]

FYI -- at this point I'm pretty confident this is a .NET issue and not a Mailchimp or Mailchimp.NET issue. You might have better luck searching for answers on Stack Overflow.

[yaronguez]

Interesting. We had used that same PowerShell script which leads me to believe it is definitely a culprit here. We modified that script to handle some issues. You can view our modified version here: https://gist.github.com/yaronguez/c873d269294692c84382

Let me know if it fixes your issue!

[GreyGhostStudio]

Yep, pulled down ServiceStack.Text to add some code to set the SecurityProtocolType. Compiled against .Net 4.5 and then recompiled Mailchimp.Net against it and .Net 4.5. Appears to have solved the problem. Thanks!