WSEE Installer
After setting up forward secret TLS/SSl on WinServer 2022 (with your WSEE installer), I’m now getting this error;
‘Could not create SSL/TLS secure channel while validating the WSEE Installer license. Restart the server to resolve this issue.
System.Net.WebException
The request was aborted: Could not create SSL/TLS secure channel.
Web Exception Status: 10 (SecureChannelFailure)’
I’m also having issues trying to connect clients before or after implementing for secrecy script ‘setupiisforsslperfectforwardsecrecy_v3.0.1.ps1’
Can you advise, a fix for both isuues?
Regards
Brendan
- Brendan asked 2 years ago
- last edited 2 years ago
- You must log in to post comments.
As stated within the error message, have you tried restarting both your server and client machines?
Other than that, you can try manually adding the following .NET Framework TLS settings to the registry of both your server and clients (and then reboot them!) to see if that helps you out any:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
Lastly, I have an article posted here, that walks you through enabling TLS 1.2 on Windows Server Essentials using the WSE RemoteApp add-in. WSE RemoteApp takes care of setting everything up for you on the server (and provides a link to download the above registry settings as a .REG file allowing you to easily add them to your client PCs).
- Mike answered 2 years ago
- You must log in to post comments.
Thanks Mike,
The issue turned out to be the order of ciphers I used to try and resolve the client connector issues I’m having.
It seems if you change to order of the ciphers in GPO it causes the WSSE to fail SSL/TLS. Once I changed the order back to the default and cleared the alert in the dashboard – after reboot, WSSE validation connection was restored.
I still haven’t solved the client connection issue – but I will get there eventually.
BTW, thank you for your commitment to this project – outstanding work !
- Brendan answered 2 years ago
- last edited 2 years ago
- You must log in to post comments.