The client and server cannot communicate, because they do not possess a common algorithm on Windows Server Web 2008
Are you using Windows 2008 non R2? TLS 1.2 is not supported on Windows 2008. You have to upgrade to Windows 2008 R2 or above if you need TLS 1.2 support
You can view TLS support for different versions of Windows here:
http://blogs.msdn.com/b/kaushal/archive/2011/10/02/support-for-ssl-tls-protocols-on-windows.aspx
Related videos on Youtube
19 : 29
02 : 20
03 : 16
07 : 17
14 : 46
01 : 08 : 51
01 : 11
sohaiby
When not seeking attention, I write code for the living. Tags: ASP.Net, Javascript, SQL, MS Dynamics & Power BI. Blog | LinkedIn | Github | Twitter
Updated on September 18, 2022Comments
-
sohaiby over 1 year
I am working on a ASP.Net WebForms application. We are using PayFort's Start API for the payment process. The application is running fine on our local machine (Windows 10) but it shows following error when we try to make payment using their API on our deployment server (Windows Server Web 2008).
The client and server cannot communicate, because they do not possess a common algorithm.
The documentation on their webpage (PayFort Start and SSL/TLS) states that they use Tls1.2 for the communication. Their API already contains the code to use Tls1.2 as Security Protocol
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;We've built the application on .Net framework 4.5 since
Tls1.2only supported by .Net 4.5 or later. Needless to mention, our server has .Net Framework 4.5 installed in it.
We've also added the registry values for Tls1.1 and Tls1.2 in the windows registry
Using the SSL Labs tool, we've also confirmed that there are atleast two Cipher suites supported by both servers (our server and PayFort's API Server) (https://api.start.payfort.com)
Cipher suites supported by PayFort's API Server
(Green outlined are those which are common with our server)
Cipher Suites supported by our server
I've also used the Nartac IIS crypto software and it's showing the following info asBest Practices
I'm not sure if it has anything to do with the problem or not, but here are the details of the SSL certificate installed in our server
Can anyone please point out that what we are doing wrong and what should we do in order to communicate with the desired server and make payment from the application deployed on our server as we are doing perfectly on our local machine. -
sohaiby over 8 yearsThis exactly what the problem is. We tried everything to communicate using Tls1.2 on
Windows Server 2008 standardbut without any success (obviously). Finally we installedWindows Server 2012and everything working fine now! -
Bernhard over 5 yearsold thread, but SP2 for server 2008 seems to enable tls 1.1 & 1.2
