locked
PostAsync failed / Could not create SSL/TLS secure channel RRS feed

  • Question

  • After installation ATA Gateway can't connect to ATA Center - Error message in Microsoft.Tri.Gateway.Updater-Errors.log

    ===

    2017-09-25 12:01:15.3603 1372 6   61b2fa68-0aa1-4769-a920-b8ac585f1cfd Error [WebClient+<InvokeAsync>d__8`1] System.Net.Http.HttpRequestException: PostAsync failed [requestTypeName=UpdateGatewayServiceStatusRequest] ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
       at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
       at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
       --- End of inner exception stack trace ---
       at async Microsoft.Tri.Common.Communication.WebClient.PostAsync[](?)
       at async Microsoft.Tri.Common.Communication.WebClient.InvokeAsync[](?)
       --- End of inner exception stack trace ---
       at async Microsoft.Tri.Common.Communication.WebClient.InvokeAsync[](?)
       at async Microsoft.Tri.Common.Communication.WebClient.InvokeAsync[](?)
       at async Microsoft.Tri.Gateway.Updater.Communication.GatewayServiceStatusUpdaterProxy.UpdateGatewayServiceStatusAsync(?)
       at async Microsoft.Tri.Gateway.Updater.Updates.GatewayServiceController.SendGatewayServiceStatusUpdateAsync(?)
       at async Microsoft.Tri.Infrastructure.Framework.Module.<>c__DisplayClass30_0.<RegisterPeriodicTask>b__1(?)
       at async Microsoft.Tri.Infrastructure.Extensions.TaskExtension.<>c__DisplayClass33_0.<RunPeriodic>b__0(?)

    ===

    Microsoft Advanced Thread Analytics Version 1.8.6765.36693

    No differnce using certificate from our internal PKI oder using self-signed certificate povided during setup.

    Monday, September 25, 2017 12:13 PM

Answers

  • Can you check if you have the following registry keys set on this machine ?

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
    "DisableRenegoOnServer"=dword:00000001
    "DisableRenegoOnClient"=dword:00000001

    If yes, please try while they are set to 0 (default).

    • Marked as answer by Carsten Scherb Wednesday, September 27, 2017 12:45 PM
    Tuesday, September 26, 2017 11:00 PM

All replies

  • Hello Carsten,

    Is there any intermediate devices between ATA Center and Gateway, such as WAN Accelerator or Proxy server?

    If so, please just bypass them, and then try again.

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, September 26, 2017 6:26 AM
  • unfortunatly ...  no WAN Accelerator, Proxy or Firewall between ATA Center and Gateway
    Tuesday, September 26, 2017 10:52 AM
  • Can you check if you have the following registry keys set on this machine ?

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
    "DisableRenegoOnServer"=dword:00000001
    "DisableRenegoOnClient"=dword:00000001

    If yes, please try while they are set to 0 (default).

    • Marked as answer by Carsten Scherb Wednesday, September 27, 2017 12:45 PM
    Tuesday, September 26, 2017 11:00 PM
  • Jippie-ja-yeah !

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
    "DisableRenegoOnServer"=dword:00000001

    was set on ATAcenter. After changing to 0 ATAgateway was able to communicate with ATACenter.

    Is this value added by installer of ATAcenter - or is this something which might be embedded in our Image oder Group Policies ? (The RegKey is not set on ATAgateway)

    Wednesday, September 27, 2017 12:43 PM
  • Not added by ATA installer.

    usually it's in the image or GPO. it's not the default.

    Eli

    Wednesday, September 27, 2017 8:57 PM