I am facing with error code because I have developed Web API at my local machine and I am wondering is there way to temporary bypass this restriction
The error code:
Error code: WebException
Error message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Stack trace:
at Terrasoft.Services.Runtime.ServiceClient.d__8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Terrasoft.Services.Runtime.ServiceClient.Execute(IServiceClientRequest request, CancellationToken cancellationToken)
at Terrasoft.Services.Runtime.ServiceClient.Execute(IServiceClientRequest request)
at Terrasoft.Configuration.ServiceSchema.CallServiceSchemaService.Execute(String serviceName, String methodName, List`1 parameters)
Like
Hello,
About the error in the logs:
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
This is related to our security policy. Below, I am sending you the settings. Please verify from the integration side if they meet our requirements.
Please use the instructions below:
1. Disable support for obsolete and vulnerable versions of SSL/TLS
- Disable SSLv2
- Disable SSLv3
- Disable TLSv1.0
- Disable TLSv1.1
Instructions for MS Windows Server configuration
2. Disable support for weak encryption algorithms and protocols:
- Anonymous key exchange using Diffie-Hellman protocol
- NULL cipher suites
- Disable DES, RC2, RC4, and 3DES encryption algorithms (Instructions for MS Windows configuration)
- Disable MD5 and SHA-1 hash algorithms (Instructions for MS Windows configuration)
3. Enable the use of only strong encryption algorithms:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
4. Define the sequence of encryption algorithms to be used in accordance with point 3
Instructions for MS Windows Server configuration
5. Enable the TLS Fallback SCSV option
6. Enable the Forward Secrecy option
7. Enable the OCSP Stapling option
Instructions for MS Windows configuration
8. Enable the HSTS option
Instructions for MS IIS configuration
9. Install the MS SQL Server 2012 Native Client on the Creatio application server (in case of using MS SQL DBMS).