Darryn_Chang | 2018-08-15 05:26:12 UTC | #1
Currently 1 of our connectors is throwing the following error. We have checked our 3rd party intergration and everything is all clear on their side. What is this error, and how do you fix it? Have raised with support but just keep getting told its been escalated
[Error] GenericPlugin.ExecuteString: Tracing exception: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async)
End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at RestSharp.Http.WriteRequestBody(HttpWebRequest webRequest) at RestSharp.Http.PostPutInternal(String method) at RestSharp.RestClient.Execute(IRestRequest request, String httpMethod, Func`3 getResponse)
Jason_Mathison | 2018-08-15 12:47:17 UTC | #2
Is bridge server running on an older version of windows? If so, you may need to follow this article to allow the bridge to connect with a newer version of TLS.
https://support.microsoft.com/da-dk/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in
Darryn_Chang | 2018-08-16 06:37:21 UTC | #3
Completed this update last month, but still have these errors.
Jason_Mathison | 2018-08-17 12:57:26 UTC | #4
What is the URL that you are attempting to connect to?
Darryn_Chang | 2018-08-20 04:20:21 UTC | #5
https://fairfaxmedia-nz-s.campaign.adobe.com/jssp/ffx/ivrEmailTrigger.jssp
Jason_Mathison | 2018-08-20 14:12:00 UTC | #6
Based on testing that web site here https://www.ssllabs.com/ssltest/analyze.html?d=fairfaxmedia-nz-s.campaign.adobe.com that web site only accepts TLS 1.2. That is great for security, but also consistent with the error you are seeing on older versions of windows.
How did you go about applying the update? When I was first working on this issue I tried to update the registry by hand and ended up doing it wrong, so I recommend the MSI approach. Also, did you let windows apply all outstanding windows updates?
Finally, if none of that gets you anywhere please PM me your support case ID.
Jason_Mathison | 2018-08-30 12:11:31 UTC | #7
Just to wrap this up for anyone watching at home. The issue ended up being related to certificates on the customers machines. They had to get a Adobe certificate installed on one of their machines to get things to work.
This appeared to be something particular to their windows configuration or network configuration as I was able to use the web service connector to connect to that web service without any certificate configuration.
system | 2018-09-30 12:11:33 UTC | #8
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 3369