Post reply

Forcing SSDT/SSIS to use TLS1.2

  • November 2, 2018 at 5:11 am

    #376230

    I'm having a problem on SSIS where I#m connecting to an externally hosted web service. This used to work fine, however, the external company have upgraded their Dev system to only use TLS1.2, and as a result the SSIS package is now failing.

    When I try to download the WSDL file in the Web Service Task Editor, I get the error "SSL certificate response obtained from the server was not valid. Cannot process the request." If I download the file manually (i.e. via a webbrowser and then run the package, I also get the same error.

    I created a script task at the start of the Package, which simply run the c# code:
    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12;
    This, however, also has no effect; I still get the SSL error. I know, however, that changing the Security Protocol works, as a C# project we have works fine against the Dev Web Service, provided the above code is used before the service is called.

    I've also tried adding the DWORD SchUseStrongCrypto with the value 1 to the .NetFramework keys (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\{Any and all version numbers I had} and HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\{any and all version numbers I had}). Even after a a restart this had no effect.

    Anyone know how to force SSIS/SSDT to use TLS1.2; specifically with a Web Service Task? I'm using Visual Studio/SSDT 2017.

    Thom~

    Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
    Larnu.uk

  • November 2, 2018 at 10:29 am

    #2012227

    A more recent link about tls 12
    What version of ssis?

  • November 2, 2018 at 11:16 am

    #2012240

    Jo Pattyn - Friday, November 2, 2018 10:29 AM

    A more recent link about tls 12
    What version of ssis?

    Looks like that covered what i had already tried in the c# snippet above. I ended up coding the entire web service call in C# instead and parametrising it. Didn't really want to reinvent the wheel, but nevermind.

    Thom~

    Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
    Larnu.uk

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply