NOP3.90 - Could not create SSL/TLS secure channel.

Hi. I'm upgrading NOP from 3.30. to 3.90. Everythings works fine except a plugin payment customized by me that execute a webrequest.

Below is the code that work on a test installation: it runs well for 3.30 but not for 3.90.

An exception of "Could not create SSL/TLS secure channel."  at this line  "Stream sout = req.GetRequestStream()"


I'm becoming crazy !!!


public static string HttpPost(string url, string postData, string saveTo = "")
        {
            postData = postData.Replace("\r\n", "");
            try
            {
                WebRequest req = WebRequest.Create(url);              
                byte[] send = Encoding.Default.GetBytes(postData);
                req.Method = "POST";
                req.ContentType = "application/x-www-form-urlencoded";
                //req.ContentType = "text/xml;charset=\"utf-8\"";
                req.ContentLength = send.Length;

//--------------------> HERE exception is thrown
                 Stream sout = req.GetRequestStream();
//-------------------->

                    sout.Write(send, 0, send.Length);
                    sout.Flush();
                    sout.Close();


                WebResponse res = req.GetResponse();  
                StreamReader sr = new StreamReader(res.GetResponseStream());
                string returnvalue = sr.ReadToEnd();
                if (!string.IsNullOrEmpty(saveTo))
                    File.WriteAllText(saveTo, returnvalue);

                //Debug.WriteLine("{0}\n{1}", postData, returnvalue);
                return returnvalue;
            }
            catch (Exception ex)
            {

                return ex.Message.ToString();
            }
        }

Hey,

What's this plugin about?

I think you need to add the security protocol type Tls12

WebRequest req = WebRequest.Create(url);               
byte[] send = Encoding.Default.GetBytes(postData);
req.Method = "POST";
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Divyang is right...you must establish the TLS1.2 channel. You can do it as he described by adding it into your project, or you can add this script to your Global.asax and restart your application:

<script runat="server">
    void Application_Start(object sender, EventArgs e)
    {
        // Code that runs on application startup
  System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
    }
</script>

Please note that the following code is run in version 3.90 during startup. So it doesn't require additional coding:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

Hi. First of all, thank you.

PLUGIN description
The plugin is a customization of checkMoneyOrder Payment plugin reserved for our resellers that implement PostProcessPayment method to make a webrequest to vendor API.

The plugin works right now in production without any indication of TLS in NOP 3.30.

We are upgrading NOP on version 3.90: to do this i upgraded the plugin to 3.90, recompiled it and deploy in my IIS express installation.

To assure that the problem is not caused by the test environment (my notebook) i installed the NOP3,30 (the same version in prodcution - i've not recompiled it, just copied files and db): it works without any indication on TLS.

I think that the malfunction is caused by something new in package.

Thank you again for your support.

IT WORKS !!!

a.m. you're right !!!

I putted this"ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;" before "WebRequest.Create(url);"  


The API i call is in TLS 1.0 version.

Thank you GUYS !!!