Getting error "the client and server cannot communicate, because they do not possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Getting error "the client and server cannot communicate, because they do not possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

adongare
Hi team,

Getting error "the client and server cannot communicate, because they do not
possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and
using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

I am trying to connect ActiveMQ server after migrating my code to TLS 1.2
and getting below error while creating the session. Below line is erroing
out.

this.Session = this.Connection.CreateSession(acknowledgementMode);

Below is my c# code:

protected virtual void CreateSession(AcknowledgementMode
acknowledgementMode)
                {
            ServicePointManager.SecurityProtocol =
(SecurityProtocolType)3072 | SecurityProtocolType.Tls;
           
                        var connectionFactory = new NMSConnectionFactory(this.BrokerUri);

                        this.Connection = connectionFactory.CreateConnection();
                        this.Session = this.Connection.CreateSession(acknowledgementMode);
                        this.Destination = this.Session.GetDestination(this.DestinationName,
this.DestinationType);
                }

Below is Error stack trace:

System.Security.Authentication.AuthenticationException: A call to SSPI
failed, see inner exception. ---> System.ComponentModel.Win32Exception: The
client and server cannot communicate, because they do not possess a common
algorithm
   --- End of inner exception stack trace ---
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken
message, AsyncProtocolRequest asyncRequest, Exception exception)
   at
System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken
message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32
count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst,
Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult
lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost,
X509CertificateCollection clientCertificates, SslProtocols
enabledSslProtocols, Boolean checkCertificateRevocation)
   at Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport.CreateSocketStream()

the attached image has TLS 1.2 setting  on my development machine:

<http://activemq.2283324.n4.nabble.com/file/t379703/TLS-settings.png>
I tried many solutions by searcing online but noting worked. Could you
please help me?




--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-f2368404.html
Reply | Threaded
Open this post in threaded view
|

Re: Getting error "the client and server cannot communicate, because they do not possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

tabish121@gmail.com
Please direct support questions to the users mailing list, this list is
for discussion of development of the ActiveMQ project and not meant for
user support questions.

On 11/4/19 11:32 AM, adongare wrote:

> Hi team,
>
> Getting error "the client and server cannot communicate, because they do not
> possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and
> using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages
>
> I am trying to connect ActiveMQ server after migrating my code to TLS 1.2
> and getting below error while creating the session. Below line is erroing
> out.
>
> this.Session = this.Connection.CreateSession(acknowledgementMode);
>
> Below is my c# code:
>
> protected virtual void CreateSession(AcknowledgementMode
> acknowledgementMode)
> {
>              ServicePointManager.SecurityProtocol =
> (SecurityProtocolType)3072 | SecurityProtocolType.Tls;
>              
> var connectionFactory = new NMSConnectionFactory(this.BrokerUri);
>
> this.Connection = connectionFactory.CreateConnection();
> this.Session = this.Connection.CreateSession(acknowledgementMode);
> this.Destination = this.Session.GetDestination(this.DestinationName,
> this.DestinationType);
> }
>
> Below is Error stack trace:
>
> System.Security.Authentication.AuthenticationException: A call to SSPI
> failed, see inner exception. ---> System.ComponentModel.Win32Exception: The
> client and server cannot communicate, because they do not possess a common
> algorithm
>     --- End of inner exception stack trace ---
>     at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken
> message, AsyncProtocolRequest asyncRequest, Exception exception)
>     at
> System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken
> message, AsyncProtocolRequest asyncRequest)
>     at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32
> count, AsyncProtocolRequest asyncRequest)
>     at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst,
> Byte[] buffer, AsyncProtocolRequest asyncRequest)
>     at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult
> lazyResult)
>     at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost,
> X509CertificateCollection clientCertificates, SslProtocols
> enabledSslProtocols, Boolean checkCertificateRevocation)
>     at Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport.CreateSocketStream()
>
> the attached image has TLS 1.2 setting  on my development machine:
>
> <http://activemq.2283324.n4.nabble.com/file/t379703/TLS-settings.png>
> I tried many solutions by searcing online but noting worked. Could you
> please help me?
>
>
>
>
> --
> Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-f2368404.html
>

--
Tim Bish