cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1185
Views
0
Helpful
3
Replies

AXL Queries against CUCM 9.1 suddenly get 'Could not create SSL/TLS secure channel' error

Cary Hatteberg
Level 1
Level 1

I have a VB .NET application that uses AXL/SOAP to query the CUCM tables. It has been working on CUCM versions 9.x, 10.x, and 11.x, since version 9.x was released. It is used by many of our customers with their custom implementations of one or more CUCMs. Some customers use more than one version of CUCM.

Since June 2016, more of our customers using specifically version 9.1 CUCM are getting 'The request was aborted: Could not create SSL/TLS secure channel.' errors when using our application. Some of these same customers, have newer CUCMs that are able to query the CUCM successfully.

I am not sure why this is happening. I ran the application in a Cisco Sandbox for CUCM 9.1 and it is able to query the CUCM fine.

3 Replies 3

Cary Hatteberg
Level 1
Level 1

What we have found so far is that it seems to be related to the MS .NET authentication with the SSL key, where it is now considered too short and thus unable to authenticate it. So, we created a work around by using OpenSSL to create the SSL connection. 

How can we use this work around? What changes have to be made, exactly.

VB.NET uses the same access method and settings as IE.

See this link for how to add a registry entry to shorten the Diffie-Hellmen key length.

https://supportforums.cisco.com/discussion/13074916/unable-access-call-manager-version-91212900-11-internet-explorer

Graham