IBM Security Verify

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference






------------------------------
Mukesh
------------------------------

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Mukesh,

Please try this to explicitly specify TLS1.2 usage.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Please let us know the results.

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

Original Message:
Sent: Fri January 22, 2021 05:06 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Jahanzaib,

Thanks for your response!

Tried with explicitly specifying TLS1.2 usage.

still, the error is not resolved.




------------------------------
Mukesh
------------------------------

Original Message:
Sent: Fri January 22, 2021 05:36 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

Please try this to explicitly specify TLS1.2 usage.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Please let us know the results.

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 05:06 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Mukesh,

You mentioned that "WebSEAL certificate is stored in the truststore of dot net", kindly can you confirm which is that truststore? Are you talking about windows trust store here?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

Original Message:
Sent: Fri January 22, 2021 07:21 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jahanzaib,

Thanks for your response!

Tried with explicitly specifying TLS1.2 usage.

still, the error is not resolved.




------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 05:36 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

Please try this to explicitly specify TLS1.2 usage.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Please let us know the results.

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 05:06 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Jahanzaib,


Yes, WebSEAL Certificate is stored in Trusted Root Certification Authorities Certificate Store (Windows truststore).

------------------------------
Mukesh
------------------------------

Original Message:
Sent: Fri January 22, 2021 07:41 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

You mentioned that "WebSEAL certificate is stored in the truststore of dot net", kindly can you confirm which is that truststore? Are you talking about windows trust store here?

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 07:21 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jahanzaib,

Thanks for your response!

Tried with explicitly specifying TLS1.2 usage.

still, the error is not resolved.




------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 05:36 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

Please try this to explicitly specify TLS1.2 usage.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Please let us know the results.

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 05:06 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------

Hi Mukesh,

What is the result when you open the URL in Internet Exploer? Does IE show certificate warning?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

Original Message:
Sent: Fri January 22, 2021 08:49 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jahanzaib,


Yes, WebSEAL Certificate is stored in Trusted Root Certification Authorities Certificate Store (Windows truststore).

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 07:41 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

You mentioned that "WebSEAL certificate is stored in the truststore of dot net", kindly can you confirm which is that truststore? Are you talking about windows trust store here?

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 07:21 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jahanzaib,

Thanks for your response!

Tried with explicitly specifying TLS1.2 usage.

still, the error is not resolved.




------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 05:36 AM
From: Jahanzaib Sarwar
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

Please try this to explicitly specify TLS1.2 usage.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Please let us know the results.

Regards,

------------------------------
Jahanzaib Sarwar

Original Message:
Sent: Fri January 22, 2021 05:06 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hi Jon,

Thanks for your quick response!

We have tried all possible options in our code. 

attaching SS of code snippet for reference

------------------------------
Mukesh

Original Message:
Sent: Fri January 22, 2021 04:01 AM
From: Jon Harry
Subject: ISAM - Not able to access policy from dot Net application

Hi Mukesh,

I found this by doing some Google searches on the error message.   Looks like the issue is that you need additional configuration in .NET application to make it use TLS v1.2:

Have a look here: http://msprogrammer.serviciipeweb.ro/2019/11/06/show-the-software-artifacts-and-dotnettry-part-6/

The answer was adding this line to code:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

Please let us know if it works for you.

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM

Original Message:
Sent: Fri January 22, 2021 01:28 AM
From: Mukesh Bhati
Subject: ISAM - Not able to access policy from dot Net application

Hello Team,

I'm getting the below error when accessing policy from the dot net application.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
The request was aborted: Could not create SSL/TLS secure channel.

WebSEAL certificate is stored in the truststore of dot net. Even we tried with disabling the certificate security check from the dot net application still we are getting the same error.

But When the same Policy is accessed from Java and Angular it's working fine.

Is there any specific configuration related to the .net application from ISAM end that we are missing?

can anyone help with the same?

------------------------------
Mukesh
------------------------------