Solution: Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.


You are running Invoke-WebRequest and hit with “Could not create SSL/TLS secure channel”, It simply means TLS 1. 2 is not being used.

Windows selects most strong cryptography from the list. How do you know what’s your crypto list?

Display the list of cryptos form this .Net Class variable:

PS E:> [Net.ServicePointManager]::SecurityProtocol
Tls, Tls11, Tls12

My computer shows three cryptos and most strong one is TLS 1.2. If you get the above error message ( “Could not create SSL/TLS secure channel” ), that means the most strong crypto is not supported by the web site you are accessing. (Is Tls12 missing?)

Since this is PowerShell, you can fix it two ways. For temporarily enable TLS 1.2 and make a Invoke-WebRequest,

Run this command before you run Invoke-WebRequest cmdlet. Young only need to set the security protocol to TLS 1.2 only once in the script.

[Net.ServicePointManager]::SecurityProtocol =[Net.SecurityProtocolType]::Tls12

Obviously when you finish running the script, security protocol assignment is lost. It goes back to computer’s default setting.

If you need to make it permanent, you could add TLS 1.2 in the cryptography list in Registry. Open PowerShell in Administrative mode (Run as Admin), then add these registry entries:

Set strong cryptography on 64 bit .Net Framework (version 4 and above)

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord 

Set strong cryptography on 32 bit .Net Framework (version 4 and above)

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord  

You have close all PowerShell Windows and reopen it to take effect the registry settings.

Did that help? leave me a reply.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s