Login/Register
TF400324: Team Foundation services are not available. Could not create SSL/TLS secure channel
Asked Answered
Solved visual-studiossltfstls1.2
S

1

9

TFS SSL/TLS Issue

TF400324:Team Foundation services are not available from server xxxx Technical information (for administrator): The request was aborted: Could not create SSL/TLS secure channel

Some of our developers are getting the error above whilst working with TFS but only after having Visual Studio open for about 5-10 minutes. We are currently working around this issue by closing and opening Visual Studio as it seems to be connecting fine just after openning.

Note that this is not all of our developers and all developers are on the latest version of visual studio version 15.9.1 and the TFS server is 2015.

Our tfs website where we manage our sprint boards is fine and the certificate is valid until 2020. We recently updated our certificate to a wildcard e.g. *.mywebsite.com.

What we have tried:

  • IIS Crypto 2.0 from Nartac Software to check Protocols/Ciphers on clients and servers

  • Clearing the TFS cache folders on the client machines

  • A complete fresh install of visual studio, sign in and connection to TFS

  • Regedit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319: SchUseStrongCrypto for both 32bit and 64 bit. Found here https://johnlouros.com/blog/enabling-strong-cryptography-for-all-dot-net-applications

  • Using a different microsoft login (also verified that mine works on other machines)

None of the above have solved the issue. What is puzzling me the most is that it works for a period of time before displaying the error, once the error has been displayed it seems that it never tries to reconnect to the TFS server so requires a fresh instance of visual studio before it attempts and successfully reconnects.

Saltzman answered 16/11, 2018 at 17:9 Comment(7)
I updated to 15.9.1 Friday and started seeing this problem. I was off yesterday, but found update 15.9.2 available today. I installed it, and TFS connection seems to stay up now.Sollars
Never mind, 15.9.2 did not solve the problem.Sollars
Thanks for the update. I was going to try out 15.9.2 to see if it would work. I have re-installed 15.8.9 for the meantime until they fix this issue!Saltzman
getting the same error when trying to do msdeploy to the server with self-signed certificate. Started with 15.9.1 release...Hadik
Make sure the system times are in sync. A several minute difference can cause TLS to fail.Novobiocin
15.9.3 here and I have the issue.Bloodstream
this seems to be fixed in 15.9.4: learn.microsoft.com/en-us/visualstudio/releasenotes/…Hadik
H
3

I found the answer here: https://developercommunity.visualstudio.com/content/problem/356394/tls-10-the-request-was-aborted-could-not-create-ss.html

The issue happens because VS 15.9 attempts to use system defaults for TLS handshake, but it is being to set to TLS1.2 somewhere within VS. While Microsoft works on a fix, you can work around this by setting this registry key

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000000

This should force .net to use system defaults (rather than TLS 1.2) and that should help negotiate gracefully down to TLS 1.0 if the TFS server is set to support only TLS 1.0.

That worked for me for VS 15.9.3 just fine (needed to restart VS though).

Hadik answered 6/12, 2018 at 1:41 Comment(2)
I'm not finding such registry key under [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]Burris
I had the problem after the latest VS2017 update. After creating the key (wasn't there before), it worked again.Cockloft

© 2022 - 2024 — McMap. All rights reserved.