Could not establish trust relationship for the SSL/TLS secure channel Error
Sample Error
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
OR
The remote certificate is invalid according to the validation procedure
OR
The remote certificate is invalid according to the validation procedure
Solution or Workaround
If your website, Asp.Net application, or PDshop encounters one of the above error messages while trying to communicate with another server or API, you may need to Contact Us for help. These errors often indicate that the web server hosting your site does not support one or more modern Protocols, Ciphers, Hashes, or Key Exchanges. This can be a sign that your hosting server is an older server that needs to be updated, or it's settings need adjustment.
In order to establish remote SSL or TLS connections, your web server should support the following:
TLS Protocols that should be enabled:
TLS 1.0
TLS 1.1
TLS 1.2
Ciphers that should be enabled:
Triple DES 168
AES 128/128
AES 256/256
Hashes that should be enabled:
MD5
SHA
SHA 256
SHA 384
SHA 512
Key Exchanges that should be enabled:
PKCS
ECDH
Because resolving errors related to TLS/SSL can be complex, please contact our IT Services team for help.
In order to establish remote SSL or TLS connections, your web server should support the following:
TLS Protocols that should be enabled:
TLS 1.0
TLS 1.1
TLS 1.2
Ciphers that should be enabled:
Triple DES 168
AES 128/128
AES 256/256
Hashes that should be enabled:
MD5
SHA
SHA 256
SHA 384
SHA 512
Key Exchanges that should be enabled:
PKCS
ECDH
Because resolving errors related to TLS/SSL can be complex, please contact our IT Services team for help.
Related Articles
Other Resources
Related Topics
Search for help...