The request was aborted: Could not create SSL/TLS secure channel.

Add-in Express™ Support Service
That's what is more important than anything else

The request was aborted: Could not create SSL/TLS secure channel.
Updater 
Ionut Adrian


Guest


Hi there,

I'm getting the "The request was aborted: Could not create SSL/TLS secure channel." error in updater log file, when using an https link in publishing Installation URL. If I use the same link, but with http, then everything is OK.
Following https://www.add-in-express.com/forum/read.php?FID=5&TID=15706, I added the ServicePointManager.SecurityProtocol line first in Addin module constructor. No change.

User added an image

Then I created a separate dll project, with a ClickTwiceModule item, added the ServicePointManager.SecurityProtocol line to the clicktwice module and use the dll as custom action for the downloader and updater when publishing. Still no change.

User added an image

The .NET framework used in the add-in project is 4.7.2. I'm using automatic silent updates feature.

User added an image

Any idea how to fix this? It seems to be an issue with the Add-in Express downloader program, a C# .NET 472 sample program that downloads the installer from the same https link works fine, without any ServicePointManager.SecurityProtocol line added.

Thank you for your time!

Adrian
Posted 29 Jul, 2021 10:05:19 Top
Andrei Smolin


Add-in Express team


Posts: 19122
 Joined: 2006-05-11
Hello Adrian,

Ionut Adrian writes:
a C# .NET 472 sample program


.NET *applications* using 4.7.2 use TLS 1.3 out of the box. A class library doesn't.

There are two possibilities: 1) that workaround doesn't work any longer (for whatever reason), 2) your code isn't invoked at all. Add a debug message, say using System.Diagnostic.Debug.WriteLine(); you collect such messages at the run time using the DebugView utility.


Andrei Smolin
Add-in Express Team Leader
Posted 30 Jul, 2021 10:08:32 Top
Ionut Adrian


Guest


Ok, thank you, I'll try the debugging thing and come back with the results.
Posted 30 Jul, 2021 11:17:16 Top
Ionut Adrian


Guest


Hello Andrei,

Following this:
There are two possibilities: 1) that workaround doesn't work any longer (for whatever reason), 2) your code isn't invoked at all. Add a debug message, say using System.Diagnostic.Debug.WriteLine(); you collect such messages at the run time using the DebugView utility.


I added some logging messages to both the Addinmodule constructor and ClickTwiceModule constructor, logging the ServicePointManager.SecurityProtocol state before and after changing it. Here are the code and the log messages.


AddinModule 


public AddinModule()
        {
            Application.EnableVisualStyles();
            InitializeComponent();
            // Please add any initialization code to the AddinInitialize event handler

            LogWrite("AddinModule. Before. ServicePointManager.SecurityProtocol: " + ServicePointManager.SecurityProtocol.ToString());

            ServicePointManager.SecurityProtocol =
                SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls
                | (SecurityProtocolType)768 /*Tls 1.1*/
                | (SecurityProtocolType)3072 /*Tls 1.2*/
                | (SecurityProtocolType)12288 /*Tls 1.3*/;

            LogWrite("AddinModule. After. ServicePointManager.SecurityProtocol: " + ServicePointManager.SecurityProtocol.ToString());
        }


ClickTwiceModule 


public SetupCustomUIClickTwiceModule()
        {
            InitializeComponent();

            LogWrite("ClickTwiceModule. Before. ServicePointManager.SecurityProtocol: " + ServicePointManager.SecurityProtocol.ToString());

            ServicePointManager.SecurityProtocol =
                SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls
                | (SecurityProtocolType)768 /*Tls 1.1*/
                | (SecurityProtocolType)3072 /*Tls 1.2*/
                | (SecurityProtocolType)12288 /*Tls 1.3*/;

            LogWrite("ClickTwiceModule. After. ServicePointManager.SecurityProtocol: " + ServicePointManager.SecurityProtocol.ToString());
        }


Log 


AddinModule. Before. ServicePointManager.SecurityProtocol: SystemDefault
AddinModule.After. ServicePointManager.SecurityProtocol: Ssl3, Tls, Tls11, Tls12, Tls13
ClickTwiceModule. Before. ServicePointManager.SecurityProtocol: Ssl3, Tls
ClickTwiceModule. After. ServicePointManager.SecurityProtocol: Ssl3, Tls, Tls11, Tls12, Tls13
AddinModule. Before. ServicePointManager.SecurityProtocol: Ssl3, Tls
AddinModule. After. ServicePointManager.SecurityProtocol: Ssl3, Tls, Tls11, Tls12, Tls13


As expected, the code is invoked, but the updater log still shows the error: 


Add-in Express Updater Log File: 7/31/2021 10:17 AM

Updater version: 1.0.1
Command Line: C:ProgramDataxxx.addinD56A42970B3B430FA5F31744B87CD66B.0.1xxx.AddIn.updater.exe
Operating System: Microsoft Windows NT 6.2.9200.0
------------------------------------------------------------------------

10:17:56 Start
10:17:56 Downloader command line: /updaterPath="C:ProgramDataxxx.addinD56A42970B3B430FA5F31744B87CD66B.0.1xxx.AddIn.updater.exe" /updaterPID=4852 /sid="" /productDir="C:Program Files (x86)xxx" /silentMode="true" /pipeName="98d70dd1591f4b7596d840da3a46881b_1_0_1_UpdaterService" /appId="D56A42970B3B430FA5F31744B87CD66B" /updaterService="On"
10:17:56 Product registry key: SoftwareClickTwiceD56A42970B3B430FA5F31744B87CD66B
10:17:56 'Show Icon' is enabled.'
10:17:56 Loading custom actions: C:ProgramDataxxx.addinD56A42970B3B430FA5F31744B87CD66B.0.1ctionsSetupCustomUI.dll
10:17:56 Success.
10:17:56 Running the updater application...
10:18:06 The background thread started. The update mode: OnInterval
10:18:06 Thread check point 1: IsUpdatable = true
10:18:06 Thread check point 2: NextUpdateTime = 1/1/0001 12:00:00 AM
10:18:07 Thread check point 3: AutoUpdateEnabled = True, IsInstallingUpdate = 0, ConnectionsCount = 0
10:18:07 Thread check point 4: NextUpdateTime = 1/1/0001 12:00:00 AM
10:18:07 Set UI State: CheckingUpdates
10:18:07 Thread check point 5: RootUpdateUrl = https://xxx.yyy/addin/
10:18:07 Set UI State: CheckUpdates
10:18:07 Thread check point 10: NextUpdateTime = 7/31/2021 10:23:07 AM
10:18:07 Date and Time:         7/31/2021 10:18:07 AM
Machine Name:          ADI-XPS-NEW
IP Address:            fe80::b921:d294:105:a1be%12
Current User:          NT AUTHORITYSYSTEM

Application Domain:    xxx.AddIn.updater.exe
Assembly Codebase:     file:///C:/ProgramData/xxx.addin/D56A42970B3B430FA5F31744B87CD66B/1.0.1/xxx.AddIn.updater.exe
Assembly Full Name:    xxx.addin.updater.exe, Version=1.0.0.0, Culture=neutral, PublicKeyToken=4416dd98f0861965
Assembly Version:      1.0.0.0

Exception Source:      System
Exception Type:        System.Net.WebException
Exception Message:     The request was aborted: Could not create SSL/TLS secure channel.

---- Stack Trace ----
   at System.Net.WebClient.DownloadFile(Uri address, String fileName)
   at System.Net.WebClient.DownloadFile(String address, String fileName)
   at AddinExpress.Projects.Common.Utilities.DownloadFile(String url, String destFile, IWebProxy proxy)
   at AddinExpress.Projects.Common.Utilities.CheckForUpdates(Object module, String url, IWebProxy proxy, String appDir, CTVersionInfo& versionInfo, String currentVersion, String currentLanguage)
   at AddinExpress.Deployment.Updater.ADXUpdaterModule.CheckForUpdates(CTVersionInfo& versionInfo)
   at AddinExpress.Deployment.Updater.UpdaterEngine.updateWorker_DoWork(Object sender)


In https://www.add-in-express.com/forum/read.php?FID=5&TID=15706 I mentioned before, which presents the same issue, you said
The updater is built using .NET 2.0 which doesn't support Tls11 and Tls12. We will think on how we would fix this. As to now, you should use a channel that supports Ssl3 or Tls only.
and also
I expect a fix for this issue will be available in 3-4 weeks. An update: A new build is expected in 2-3 weeks after the New Year.
. This was back in December 2019. So was this updater issue fixed? If yes, is there any patch that can be downloaded and applied?
Posted 31 Jul, 2021 02:40:34 Top
Andrei Smolin


Add-in Express team


Posts: 19122
 Joined: 2006-05-11
Hello Adrian,

I've sent you an email asking for a way for us to test this issue on your server. Please check you Inbox.


Andrei Smolin
Add-in Express Team Leader
Posted 02 Aug, 2021 07:50:44 Top
Ionut Adrian


Guest


After help received from the Add-in Express team, the working solution is to add the ServicePointManager.SecurityProtocol line both in 
ClickTwiceModule1_OnInitialize
and in 
ClickTwiceModule1_OnUpdaterInitialize
.
So if an https server is used for publishing, you need to add a ClickTwice module, add the below code and use the module in custom actions of the publishing options. 


        private void ClickTwiceModule1_OnInitialize(object sender, ADXClickTwiceInitializeEventArgs e)
        {
            ServicePointManager.SecurityProtocol =
                            SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls
                            | (SecurityProtocolType)768 /*Tls 1.1*/
                            | (SecurityProtocolType)3072 /*Tls 1.2*/
                            | (SecurityProtocolType)12288 /*Tls 1.3*/;
        }

        private void ClickTwiceModule1_OnUpdaterInitialize(object sender, ADXClickTwiceUpdaterInitializeEventArgs e)
        {
            ServicePointManager.SecurityProtocol =
                            SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls
                            | (SecurityProtocolType)768 /*Tls 1.1*/
                            | (SecurityProtocolType)3072 /*Tls 1.2*/
                            | (SecurityProtocolType)12288 /*Tls 1.3*/;
        }
Posted 13 Aug, 2021 09:46:19 Top
Dmitry Kostochko


Add-in Express team


Posts: 2887
 Joined: 2004-04-05
Hello Adrian,

Thank you for posting the correct solution!
Posted 16 Aug, 2021 03:33:25 Top