Solution for Is there a way to connect using a cipher suite not supported by the server?
is Given Below:
I have a C# application running on a Windows 2012 R2 server that needs to post requests to a partner.
It’s failing at WebRequest.GetRequestStream() with The request was aborted: Could not create SSL/TLS secure channel.
I can get results through Postman on the same servers. My best guess is that the cause is from a mismatch of cipher suites.
From https://www.ssllabs.com/, the only supported cipher suites are:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS 256
These two aren’t available with 2012 R2.
I’m seeing instructions on how to restrict cipher suites on the servers, but not adding them.
Is there a way to add new cipher suites from the program?
Please try this update on the server: https://support.microsoft.com/en-us/topic/update-adds-new-tls-cipher-suites-and-changes-cipher-suite-priorities-in-windows-8-1-and-windows-server-2012-r2-8e395e43-c8ef-27d8-b60c-0fc57d526d94 – While I cannot try it myself it looks promising.
The suites added are listed in the middle of this article.