The request was aborted: Could not create SSL/TLS secure channel.

contacts

#1

Hello,
I have this issue "The request was aborted: Could not create SSL/TLS secure channel." when I make a POST request to this API https://api.hubapi.com/contacts/v1/contact/email
I saw a similar problem on the Hubpot forum https://integrate.hubspot.com/t/the-request-was-aborted-could-not-create-ssl-tls-secure-channel/8219
This was solved 3 days ago.
Please can you tell me how to fix this issue?


#2

This was fixed by someone from Hubspot. They sent me an email indicating there was a configuration error on one of their servers in the server pool. After they corrected the config error, I haven't had any errors. The issue was corrected on 2/26


#3

Hello,
I am experiencing a similar issue: Part of requests to the Hubspot Contact API fails.
My web app is written on ASP.net Web API. I am getting same exception as above (The request was aborted: Could not create SSL/TLS secure channel.) and as in topic created by andrew.wilinski

The strange thing is errors started to occur on Dec, 20, 2017 and since then I am getting ~10 error reports every day. And there was no modifications to the code on my side. Dear Hubspot Technicians, can you help me with that? I mean, if you can take a look and see if those requests were aborted by some security reasons on your side or not?

Here is the info about one of the failed requests, you asked andrew.wilinski to provide it in the linked topic:
IP address 54.186.13.47
DateTime 3/12/2018 9:00:41 PM UTC
Request URL https://api.hubapi.com/contacts/v1/contact/vid/826226/profile?portalId=733513

Thanks in advance.


#4

Hi @yurii.chernukha,

Thanks for your patience here; can you give me some more details on the type of request you're making? Is the Could not create SSL/TLS secure channel error coming from the response, or from your error logging? The issue that andrew.wilinski and I were working on has been resolved, so even though the error is the same it's likely a separate issue.

Also, I'm not particularly familiar with the asp.net web API. Is it possible you're running an older version of .NET?
Re: https://stackoverflow.com/questions/41478506/issue-to-use-tls-1-2-in-net-framework-4-0


#5

thanks a lot. so if i might have some questions, you might help? i mean... since you have succeeded to resolve the issue...


#6

Hi @Freard,

I'd be happy to help get to the bottom of this issue if you're struggling with the same problem. The underlying cause of the original issue that Andrew was experiencing was fixed, so if you're still seeing this type of error then it's likely for a different reason. Can you give me some more details on your setup and the errors your seeing?


#7

@Derek_Gervais

Thank for your response.

I am making GET requests to the https://api.hubapi.com/contacts/v1/contact/vid/826226/profile?portalId=733513

Error is coming from my error logging, not from response.
Usually errors of this type mean that our server cannot validate SSL certificate of the your (hubspot server) where request is being submitted. But in this case it only happens sometimes so I think SSL certificate is not the reason.

And we are using latest or almost latest version of .net, and all those different protocol types from stackoverflow link you shared, are enabled.

Can you please specify which details of the request can be helpful for you?
I was hoping that you can check your error logging system using exact request time I have posted above to know the reason why it request was denied.

Thanks.


#8

Hi @yurii.chernukha,

So just to be clear, you're specifying ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; and using .NET 4.5, or specifying ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11; and using .NET 4.0?

If that's the case, then I would also recommend checking that your root certificate authority is up to date. The HubSpot API has a valid SSL certificate, but it's possible that your server might not be able to trace our certificate to a trusted root CA: https://www.digicert.com/help/?host=api.hubapi.com

If all that checks out, I can try to dig into a specific request for more details. Our logs only go back for a week or so, so if you could give me a more recent example that would be very much appreciated!


#9

@Derek_Gervais

Thanks for investigating my issue so deeply.

  1. In our app we are using .net 4.5, and allow all security protocols you mentioned.
  2. I am sure that root certificate authority is up to date, it updated automatically.

I think in case of wrong setup all the requests have to fail, not just a part of them.

Here are the details about one of the recent requests:
IP address 54.186.13.47
DateTime 3/28/2018 10:02:08 PM UTC
Request URL https://api.hubapi.com/contacts/v1/contact/vid/25070376/profile?portalId=733513
Request type GET

Hope you will be able to find something.


#10

Hi @yurii.chernukha,

Thank you for your patience here. I'm currently digging into this with my team; I'll reach out here with any updates or if I need any additional information.


#11

Hi @yurii.chernukha,

So sorry for the delay here. Things got busy and this slipped under my radar. Unfortunately I don't have any major revelations for you. I dug into this with my team, and here's what we were able to find:

  • Because the connection is aborted before any information reaches our servers, it's not possible to collect logs on our end. We don't have any logs of these requests on our end, so we can't do any investigation on the HubSpot side.
  • One thing that we noticed was that if you were not ever retrying these requests, it might artificially inflate the error rates above the normal margin of error (since you wouldn't get a successful request after retrying). Might be a shot in the dark, but can you double check that you're retrying the requests shortly after seeing these errors?
  • Another possibility: SSL depends on both parties having synchronized clocks. Is it possible that there's a server on your end with an incorrect time? If your services are hosted on a cluster of servers, perhaps there's one with an incorrect time?

Outside of these possibilities, there isn't really anymore troubleshooting that I can easily do, since we've exhausted the information in HubSpot. If you can't find more information by troubleshooting the details of your implementation, I might consider adding more verbose logging and investigating with your hosting provider.


#12

@Derek_Gervais

Thanks for your answer. That's sad you did find anything. I will follow your advice and add extended logging. I hope we will be able to continue this discussion if I get more info. Thanks for your time.


#13

Hi @Derek_Gervais, we use .net 4.5 and experience the same issue. I tried to apply all advises from this thread, but still this issue appears. It is NOT reproduced on local environment, what makes it hard to investigate and fix. I tried to apply all four SSL/TLS protocol version, still reproduced.
If we have an issue with TLS or root certificate - then, the issue would be reproduced all the time. So, it looks that on our end everything works ok, no issues locally.
Please, advise why it might happen and what should be done for deeper investigation and finally fix the issue.