2

I have a contractor who created and uploaded test to VSTS but now when we run them we get:

The request was aborted. Could not create SSL/TLS secure channel.

Screen cap of errors

How is this fixed? I am new to VSTS.

cdub
  • 24,555
  • 57
  • 174
  • 303

1 Answers1

1

Is your certificate valid? This error most often comes from an invalid or development certificate, or from a certificate supplying a different TLS version to the one the client is expecting.

According to this answer on Software QA, you can usually work around this by modifying the ServicePointManager in a pre-test handler plugin that you include with your code.

Please read the comments in this example from the MSDN forums - you should modify the call-back function to perform some validation on the certificate to ensure it is the environment you are expecting.

using System;
using System.ComponentModel;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using Microsoft.VisualStudio.TestTools.WebTesting;


namespace ExperimentalTesting
{
  [Description("This plugin will force the underlying System.Net ServicePointManager to negotiate downlevel SSLv3 instead of TLS. WARNING: The servers X509 Certificate will be ignored as part of this process, so verify that you are testing the correct system.")]
  public class SSLv3ForcedPlugin : WebTestPlugin
  {
    [Description("Enable or Disable the plugin functionality")]
    [DefaultValue(true)]
    public bool Enabled {get;set;}

    public override void PreWebTest(object sender, PreWebTestEventArgs e)
    {
      base.PreWebTest(sender, e);

      // We're using SSL3 here and not TLS. Update as required.
      // Without this line, nothing works.
      ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

      // Wire up the callback so we can override behaviour and force it to
      // accept the certificate
      ServicePointManager.ServerCertificateValidationCallback = 
                                             RemoteCertificateValidationCB;

      // Log the changes to the service point manager
      e.WebTest.AddCommentToResult(this.ToString() + " has made the following modification-> ServicePointManager.SecurityProtocol set to use SSLv3 in WebTest Plugin.");
    }

    public static bool RemoteCertificateValidationCB(Object sender, 
                                                     X509Certificate certificate,
                                                     X509Chain chain,
                                                     SslPolicyErrors sslPolicyErrors)
    {
      // Validate the certificate issuer here 
      // (at least check the O, L, C values, better yet the signature).
      // Returning true will accept any certificate
      return true;
    }
  }
}

This will then need to be added to your Web Test as per the MSDN documentation on creating Web Test Plugins.

You will need to follow a similar process to create a Load Test plug-in (inheriting instead from `Microsoft.VisualStudio.TestTools.LoadTesting.ILoadTestPlugin) and follow the MSDN documentation on creating Load Test Plugins.

Zhaph - Ben Duguid
  • 26,785
  • 5
  • 80
  • 117
  • If your load/web test were recorded do I need to start from scratch? I don't see any code files. – cdub Dec 14 '17 at 22:24
  • 2
    @cdub It is webtest plug-in, so you need to create a plug-in and use it to your web test. https://msdn.microsoft.com/en-us/library/ms243191.aspx?f=255&MSPPError=-2147217396 – starian chen-MSFT Dec 15 '17 at 05:09
  • After that do I just run it? I guess I need to learn how to get it into the cloud too. – cdub Dec 15 '17 at 07:47
  • I followed your above link but running the test still produced this https://www.screencast.com/t/AZUWTf0BSNvM – cdub Dec 15 '17 at 08:30
  • @cdub apologies, it's been a long time since I've used VSTS, but I've come up against that error before in general .net contexts. Starian Chen's link may help. – Zhaph - Ben Duguid Dec 15 '17 at 08:32
  • You'll probably need the original project from the contractor to add the plugin to it. – Zhaph - Ben Duguid Dec 15 '17 at 08:34
  • 1
    Make sure you follow **all** of the instructions in the link that @starianchen-MSFT provided. Missing any of them can mean the plugin is unusable. – AdrianHHH Dec 15 '17 at 08:50
  • I have the tests. Do I need to add the plugin anywhere other than as a reference? It was only added as a reference and I changed nothing else. – cdub Dec 15 '17 at 08:54
  • @cdub Check the steps from 19 to 23. – starian chen-MSFT Dec 15 '17 at 08:57
  • And how do I do it for a load test? I see this is for a web test plugin. – cdub Dec 15 '17 at 09:05
  • I got it added to the web test. Need to do a load test too. – cdub Dec 15 '17 at 09:11
  • @cdub - There's a link at the top of the Web Test page that says "You can also create Load Test plugins": https://msdn.microsoft.com/en-us/library/ms243153.aspx – Zhaph - Ben Duguid Dec 15 '17 at 09:24