third party disabled support of SSLv3 due to the POODLE security

Hello,

We have an application which calls third party Webservice to fetch documents and update status.

It was working all correct up to last month . The third party  disabled support of SSLv3 due to the POODLE security vulnerability and advised that carriers remove any HTTPs:// connections using SSLv3 and upgrade to at least TLS 1.0.

 Since then whenevr our applictaion tries to send request to the third party service we get below error

System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://xxx This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.

We are running Windows 2008 R2. I used Wireshark and I confirm that TLS 1.0 is used. What can cause this issue?

Thanks for help
Salim
slimard01Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
The 3rd party should be able to advise, shouldn't it? I would like to see what they say, first.
0
slimard01Author Commented:
This is what I think as well but it is ping pong game. So any advice on how to fix this, is welcome
0
McKnifeCommented:
A ping pong game? So instead of telling you how to work with their new setup they invite you to play ping pong? They must have said at least somthing useful - what was it?
0
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

GaryCommented:
You need to specify the SSL type in your app to use only TLS else it will default to SSL

http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.securityprotocol.aspx
0
slimard01Author Commented:
The solution was to upgrade the .NET client to version 4.5.1. It was running .NET 4 extended.

It is now working fine
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
slimard01Author Commented:
The solution was to upgrade the .NET client to version 4.5.1. It was running .NET 4 extended.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Services

From novice to tech pro — start learning today.