third party disabled support of SSLv3 due to the POODLE security

Hello,

We have an application which calls third party Webservice to fetch documents and update status.

It was working all correct up to last month . The third party  disabled support of SSLv3 due to the POODLE security vulnerability and advised that carriers remove any HTTPs:// connections using SSLv3 and upgrade to at least TLS 1.0.

 Since then whenevr our applictaion tries to send request to the third party service we get below error

System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://xxx This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.

We are running Windows 2008 R2. I used Wireshark and I confirm that TLS 1.0 is used. What can cause this issue?

Thanks for help
Salim
slimard01Asked:
Who is Participating?
 
slimard01Author Commented:
The solution was to upgrade the .NET client to version 4.5.1. It was running .NET 4 extended.

It is now working fine
0
 
McKnifeCommented:
The 3rd party should be able to advise, shouldn't it? I would like to see what they say, first.
0
 
slimard01Author Commented:
This is what I think as well but it is ping pong game. So any advice on how to fix this, is welcome
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
McKnifeCommented:
A ping pong game? So instead of telling you how to work with their new setup they invite you to play ping pong? They must have said at least somthing useful - what was it?
0
 
GaryCommented:
You need to specify the SSL type in your app to use only TLS else it will default to SSL

http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.securityprotocol.aspx
0
 
slimard01Author Commented:
The solution was to upgrade the .NET client to version 4.5.1. It was running .NET 4 extended.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.