Search code examples
c#windows-10system.net.webexceptionbayeux

"Run as Administrator" (System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.)

I am getting the WebException error only on 2 PCs (i tryed 5 diferent PCs). The problem does not occure if i start application "As administrator".

I have tryed to add

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;

and also change diferent flags for certificate

X509Certificate2 Cert = new X509Certificate2(fileName, "", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);

But it didn't help.

    try
    {
        string webLink = @"https://" + destinationIP + "/apps/MMC/";
        //get firmware version of trellisware radio
        string fileName = Path.GetDirectoryName(Application.ExecutablePath) + Path.DirectorySeparatorChar + "etc" + Path.DirectorySeparatorChar + "default.p12";
        X509Certificate2 Cert = new X509Certificate2(fileName, "", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);
        CertificateWebClient myWebClient = new CertificateWebClient(Cert);
        string webData = myWebClient.DownloadString(webLink);
        Uri responseUri = myWebClient.ResponseUri;

        string[] response = responseUri.ToString().Split('/');
    }
    catch (WebException ws) 
    { 
        logger.Error("WebException: " + webLink + Environment.NewLine + ws);
    }
    catch (SocketException) { }
    catch (ThreadAbortException) { }
    catch (Exception ex)
    {
        logger.Error("Exception: " + webLink + Environment.NewLine + ex);
    }

    public class CertificateWebClient : WebClient
    {
        private readonly X509Certificate2 certificate;

        public CertificateWebClient(X509Certificate2 cert)
        {
            certificate = cert;
        }

        protected override WebRequest GetWebRequest(Uri address)
        {
            HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);

            System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate (Object obj, X509Certificate X509certificate, X509Chain chain, System.Net.Security.SslPolicyErrors errors)
            {
                return true;
            };

            request.ClientCertificates.Add(certificate);
            return request;
        }

        Uri _responseUri;

        public Uri ResponseUri
        {
            get { return _responseUri; }
        }

        protected override WebResponse GetWebResponse(WebRequest request)
        {
            WebResponse response = base.GetWebResponse(request);
            _responseUri = response.ResponseUri;
            return response;
        }
    }

Exceptions:

2019-05-13 07:04:48.0050 | Error | OManager | WebException: https://169.1.28.23/apps/MMC/
System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
   at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request)
   at System.Net.WebClient.DownloadString(Uri address)
   at CAstralPilot.OcelotManager.<>c__DisplayClass26_0.<getGCSTrelliswareVersion>b__0() in 


2019-05-13 07:04:48.2081 | Warn | Genesys.Bayeux.Client | Request transport failed. Retrying after 00:00:00 Exception: 
Genesys.Bayeux.Client.BayeuxTransportException: Unable to connect to the remote server ---> System.Net.WebSockets.WebSocketException: Unable to connect to the remote server ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Net.WebSockets.ClientWebSocket.<ConnectAsyncCore>d__21.MoveNext()
   --- End of inner exception stack trace ---
   at System.Net.WebSockets.ClientWebSocket.<ConnectAsyncCore>d__21.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Genesys.Bayeux.Client.WebSocketTransport.<Open>d__12.MoveNext()
   --- End of inner exception stack trace ---
   at Genesys.Bayeux.Client.WebSocketTransport.<Open>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Genesys.Bayeux.Client.ConnectLoop.<Poll>d__16.MoveNext()

I expected the code to work on al PCs, why some of them need administrator rights so WebClient can connect? Do i need to add certificate on some trusted location so it can work?

Solution

  • Solution was to add certificate in Manage user certificate (certmgr) and Manage computer certificate (certlm)