"Could not create SSL/TLS secure channel" Error as of 1:25am today (London)


#1

As of 1:25am this morning (London time) we are now getting the following error:
“Could not create SSL/TLS secure channel.”

From our REST API requests, nothing has changed in our code.

Has anything changed which could explain this? It’s been working fine up until now.


"Could not create SSL/TLS secure channel" every 12 hours
#2

I have same issue. Started from 6:30 PM by PTS and still ongoing.
My app developed with C#, i use next options:

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

And auth string have view: https://api.twitter.com/1.1/statuses/user_timeline.json?count=3&screen_name=MyName
But one of my old version of the site work is well. What’s going on?


Brief outage every twelve hours
#3

Unfortunately this is likely due to the fact that we disabled SSLv3. We announced this via @twittersecurity and I’ve also just updated the Announcements forum here to reflect the change.

Apologies that we were unable to provide more notice for this change!


#4

If you reauthenticate and get a new token does this fix it for you? It seems to for us.


#5

Thanks for tip. Also I had to change the deserialization access token.


#6

Would the fact that re-authenticating (i.e. getting a new access token) also seems to have fixed this issue (without changing any of our code) be explained by this SSLv3 change?


#7

No, in that case you may already be using TLS and for some reason your token needed to be cycled - but that wouldn’t usually happen, so I’m a little bit surprised by this. I’m glad your code is working again though!


#8

Sorry - ignore that comment, re-authenticating just happened to fix it by chance by triggering something else I was tweaking with to fix it.

If you are a .NET user I believe you need to make sure that you DO NOT have this line:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

It should be set to either:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.TLS

(Which is the default it seems so the above would be redundant) or just TLS.


#9

I have been using Twitterinvi and as of 15th i got this error as well.
Have tried the above change to tls1.2 /tls1.1 but its still the same
problem. I have not seen any changes on the twitterinvi site to patch
for this problem, any ideas what can be a next step to try?


#10

I’m not familiar with Twitterinvi myself. I had a quick look at the source code and cannot see any SSL or TLS references so I’m guessing the library itself isn’t affected - you could always raise an issue with them if you think there is a problem there.


#11

I have same issue. I’m using C#, and CoreTweet, and the my app is ASP.NET Web application hosted on Microsoft Azure Web Apps (old name is “Azure Websites”).

I encounter this problem at every 8:00am morning in Japan.
It happen always 8:00am JST, every day.

I have no idea at this point, and I am not sure that this issue happened only on Azure.

Could you post comment here about what platform do you using when encounter this issue? > All


#12

Has anybody had any success in resolving this problem? I’ve tried to only use TLS (not SSLv3.0), regenerated access tokens, created entirely new twitter applications with new access tokens. I still get this error every day around 10 and 22 UTC.

Using LinqToTwitter