Author Topic: [Solved] Error trying to connect (SSL?)  (Read 520 times)

VA Pilot

  • Newbie
  • *
  • Posts: 28
    • View Profile
    • EUROJET
[Solved] Error trying to connect (SSL?)
« on: July 31, 2018, 04:56:17 PM »
Hi,
I get the well-known errors when trying to connect.
The log-file shows
Quote
31.07.2018 15:48:01
Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden..

31.07.2018 15:48:01
   bei System.Net.HttpWebRequest.GetResponse()
   bei SIM_ACARS.Form1.remove_book_aircraft()

31.07.2018 15:48:01
System.Collections.ListDictionaryInternal

31.07.2018 15:48:02
Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden..

31.07.2018 15:48:02
   bei System.Net.HttpWebRequest.GetResponse()
   bei SIM_ACARS.Form1.get_aircrafts(String vaCallsign, String vaPassword)

31.07.2018 15:48:02
System.Collections.ListDictionaryInternal

31.07.2018 15:48:03
Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden..

31.07.2018 15:48:03
   bei System.Net.HttpWebRequest.GetResponse()
   bei SIM_ACARS.Form1.loginBtn_Click(Object sender, EventArgs e)

31.07.2018 15:48:03
System.Collections.ListDictionaryInternal

However, I get this error with AND without an https -url. With my old VA, I did not get any errors despite using ssl-encryption. Please help me!
« Last Edit: July 31, 2018, 08:05:40 PM by VA Pilot »
CEO and admin of https://eurojetva.eu :)

Timothee

  • Jr. Member
  • **
  • Posts: 77
    • View Profile
Re: Error trying to connect (SSL?)
« Reply #1 on: July 31, 2018, 07:53:43 PM »
Assuming the URL in your signature is your VA I did some tests with it. Don't worry, before SIM ACARS tries to connect to VAM a SSL/TLS handshake has to be established, so I don't need a valid URL or a VAM user.

What I noticed is, SIM ACARS is trying to negotiate TLS 1.0, which is disabled on your webserver. Thats actually a good practice. Since TLS 1.0 is still enabled on our webserver I never had this issue.
I don't have some deep knowledge about .NET but what I assume is SIM ACARS was compiled to be compatible with older frameworks or has the security protocol explicitly set to TLS 1.0.

However, luckily we are able to override this behaviour. Create a new file in your SIM ACARS directory called "SIM ACARS.exe.config".
Put the following content inside that file:
Code: [Select]
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <runtime>
      <AppContextSwitchOverrides value="Switch.System.Net.DontEnableSchUseStrongCrypto=false" />
    </runtime>
</configuration>

The value is a bit misleading but you actually tell the application to use strong protocols. Now test again. If it works you have to provide this additional file to your VA pilots.

VA Pilot

  • Newbie
  • *
  • Posts: 28
    • View Profile
    • EUROJET
Re: Error trying to connect (SSL?)
« Reply #2 on: July 31, 2018, 08:05:05 PM »
This helped a lot. Thank you very much! :) So basically, my hosting company changed the TLS requirements resulting in the SIM ACARS error.
Just found out that according to https://www.strato.de/faq/article/2329/So-nutzen-Sie-STRATO-SSL.html TLS 1.0 should still be enabled ???
I will put this file into a new SIM ACARS folder and simply replace the folder in vam/vamcars ;)

Regards
Tim
« Last Edit: July 31, 2018, 08:07:21 PM by VA Pilot »
CEO and admin of https://eurojetva.eu :)

Timothee

  • Jr. Member
  • **
  • Posts: 77
    • View Profile
Re: [Solved] Error trying to connect (SSL?)
« Reply #3 on: July 31, 2018, 08:12:09 PM »
Glad you solved it.
You can actually test it by yourself. Go to https://www.ssllabs.com and select test your server.
If you look for TLS 1.0 in the report it will be shown as not supported (Off).

Swik222

  • Newbie
  • *
  • Posts: 24
    • View Profile
Re: [Solved] Error trying to connect (SSL?)
« Reply #4 on: October 23, 2018, 08:35:38 PM »
Hi, I still have this problem. I have tried doing what you say, but no result. What I am doing is creating a text file called as you said and later on, with the context you said, althoguh it shouws up as a .txt file. My web has a SSL and no support on TSL1.0
Help pls