error The request was canceled: A secure channel for SSL / TLS could not be created on create new TelegramBotClient

[gersonfreire]

I have a question or need help

Please DO NOT post it! We don't provide support in GitHub issues any more.

We would be happy if you join our group chat on Telegram and ask the community to help.

If you open an issue asking for support, the issue would be closed without providing any answer.

[Ayanami251379]

I have the same error. I am adding my report based on the but report guidelines.

Steps to reproduce:
Download Telegram.Bot repo
Include in project
Add calls to project
Run application
Expected behavior
Receive messages from Telegram users.
Actual behavior
Receiving Error: "An error occurred while sending the request." & vbCrLf & "The request was aborted: Could not create SSL/TLS secure channel."
Screenshots

Environment data
Latest Telegram.Bot (Version 15.3.0, Last update 2020-02-01)
Compiler, Visual Studio 2017
.Net Version 4.5
App: Windows 10 (Desktop, Modified console app)

[Chrislie7]

@Ayanami251379 i have some problem but im on production, Maybe anyone can help?

[Serproger]

The same problem reproduces for old library version (14.10.0). Our bot isn't working.

[zkolobov]

same issue. any updates?

[bukanfarid]

Well same here. but my application works just fine around 18 hours ago with old library version (13.x.x).
Updated to the latest version but still not working.

[Mahdi-Farhani]

@bukanfarid Me 2, My bot works fine about 12Hrs ago I've used V14.x.x
also, I update to the new version but it won't work

[Sitedh]

I have some issue, that appeared this morning
Version of Telegram.Bot: 14.10.0.0
.Net Version: 4.6.1
System: Windows 10
App type: Console

[Chrislie7]

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

before :
var me = await Bot.GetMeAsync();

this is working for me

[bukanfarid]

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12

Thanks for your reply @Chrislie7 , i tried it and it working like a charm! 👍

[Ayanami251379]

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

before :
var me = await Bot.GetMeAsync();

this is working for me

I can confirm this is working for me as well, thank you @Chrislie7
I added the security change outside the TelegramBot library as the correct dependency is not part of the TelegramBot library.

[tuscen]

So, the problem is due to Telegram disabling everything older than TLS v1.2 (which is not used as the default in .NET Framework 4.5). The best way to mitigate this problem is to update to .NET Framework 4.6-4.8 or even to .NET Core 3.1 (this is preferrable if you can do that).

If you can't upgrade your system or .NET Framework to a newer one there might be a solution. One of the members in our group came up with a guide how it can be mitigated:

So, this is the final instruction for those who faces the problem "The request was aborted: Could not create SSL / TLS secure channel"

Windows 7 / Server 2008 R2:

1. Update your system.

2. If you use .NET Framework 4.5, add this line somewhere before you initialize TelegramBotClient:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

or target .NET Framework 4.6 and higher to use TLS 1.2 as default.

3. If the error is still here, try to follow these instructions to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows (https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi) (but this didn't work for me until I updated my system).

Windows 8.1/Server 2012 R2 and higher:

• use step 2 of instructions above.

[VladAlexaRW]

My thanks to both @Chrislie7 and @tuscen . The solution provided works for .NET Framework 4.5.1

[amoamare]

This is not working for me, even forcing Tls12 as you can see here
Version of Telegram.Bot: 15.3.0
Windows Server 2012 R2 Version 6.3 (Build 9600)
Framework installed: 4.8
Targeted Framework: 4.8
App Type: GUI

Forced Tls12 and tried to enable all of them
Just for testing in the I added the following to ensure as well.

ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls13;

Created my own httpClient to pass to the bot, nothing works. Continuously getting this error since
2/5/2020 at approx 11:00PM MST works perfectly fine on Windows 10 and Windows 10 server

Even tried creating my own httpClient to pass to it including handler with Customer validation callback set to always true just to see if that would do anything (pretty sure it wouldn't have but ruling it out)

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
HttpClientHandler _httpClientHandler = new HttpClientHandler
        {
            UseProxy = false,
            ServerCertificateCustomValidationCallback = (HttpRequestMessage arg1, X509Certificate2 certificate, X509Chain arg3, SslPolicyErrors sslPolicyErrors) => { return true; }
        };
            _httpClient = new HttpClient(_httpClientHandler, false);
            Client = new TelegramBotClient("xxxxxxxxxxxxxx", _httpClient);

            var assembly = Assembly.GetExecutingAssembly();
            var attributes = assembly.GetCustomAttributes(typeof(TargetFrameworkAttribute), false);
            var target = (TargetFrameworkAttribute)attributes[0];
            AppendText($"Target Framework: {target.FrameworkDisplayName}");
            AppendText($"Enabled Protocols: {ServicePointManager.SecurityProtocol}");

   Telegram.Bot.Types.User me;
            try
            {
                me = await Client.GetMeAsync();
            }
            catch(Exception ex) <- caught here.
            {
                AppendText(ex.ToString());
            }

The bot is also targeting dotnet 4.8

[amoamare]

Just a quick update, I was able to resolve my issue on my Windows Server in case anyone else that may be having the same issue as me.

It appears that TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 must be enabled and you can enable this using IISCrypto
Just to be clear this was not a requirement to have before, not sure why it is now.

[Dragonsangel]

Additionally to what @amoamare said, these are the only ciphers that are currently (2020/02/07) usable for TLS1.2 for the API (Viewable on the SSL Labs site):

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)

For those on Windows Server 2012 R2, forget trying to find the first three since they are only available from Windows Server 2016 onwards.
Enabling one of the last two will allow your connections to work.

Additionally, the error message that I got was different than the one reported here, but all had to do with TLS configurations. Adding it here for the searches and knowledge.

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception: The message received was unexpected or badly formatted
this was due to the missing ciphers and the server then not responding with a "Server Hello" but with a "Fatal Alert: handshake_failure" response.

[Scryptor]

Hi, i have solved this problem, setting my dns to google 8.8.8.8 and 8.8.4.4
And everything started to work
Before it you shoud use .net >= 4.6.1 or write this in your c# program,

  public Form1()
        {

            InitializeComponent();
            ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12; // in .net 4.6 it's default, in 4.5 this code you need to use
        } 

Sorry for my english )

[ahvahsky2008]

Set dns names to 8.8.8.8 - all works!!!

[drrobincroft]

This is not working for me, even forcing Tls12 as you can see here Version of Telegram.Bot: 15.3.0 Windows Server 2012 R2 Version 6.3 (Build 9600) Framework installed: 4.8 Targeted Framework: 4.8 App Type: GUI

Forced Tls12 and tried to enable all of them Just for testing in the I added the following to ensure as well.

ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls13;

Created my own httpClient to pass to the bot, nothing works. Continuously getting this error since 2/5/2020 at approx 11:00PM MST works perfectly fine on Windows 10 and Windows 10 server

Even tried creating my own httpClient to pass to it including handler with Customer validation callback set to always true just to see if that would do anything (pretty sure it wouldn't have but ruling it out)

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
HttpClientHandler _httpClientHandler = new HttpClientHandler
        {
            UseProxy = false,
            ServerCertificateCustomValidationCallback = (HttpRequestMessage arg1, X509Certificate2 certificate, X509Chain arg3, SslPolicyErrors sslPolicyErrors) => { return true; }
        };
            _httpClient = new HttpClient(_httpClientHandler, false);
            Client = new TelegramBotClient("xxxxxxxxxxxxxx", _httpClient);

            var assembly = Assembly.GetExecutingAssembly();
            var attributes = assembly.GetCustomAttributes(typeof(TargetFrameworkAttribute), false);
            var target = (TargetFrameworkAttribute)attributes[0];
            AppendText($"Target Framework: {target.FrameworkDisplayName}");
            AppendText($"Enabled Protocols: {ServicePointManager.SecurityProtocol}");

   Telegram.Bot.Types.User me;
            try
            {
                me = await Client.GetMeAsync();
            }
            catch(Exception ex) <- caught here.
            {
                AppendText(ex.ToString());
            }

The bot is also targeting dotnet 4.8

I have finally solved this awful problem by updating windows. Believe me, adding some code or forcing tls 1.2 do not work. The only reason for this is your operating system lack some basic libraries or something like to support the communication with telegram interface.
Therefore, you should download updating packages for your windows. Take my computer with win 7 as an example, download the latest updating package collection UpdatePack7R2.exe and run it. It is big and the installation time is very costly. It may be hours. There are also many reboots. The only thing you can do is waiting. After all is done, running your program and you will find everything is fine.
Let's praise Microsoft and Telegram!

[wiz0u]

Duplicate of #868