"System.ComponentModel.Win32Exception (0x80090308): The token supplied to the function is invalid" when TLS13 is enabled

Question

After adding the below registry key to enable TLS1.3 on Windows Server 2022

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001

The .NET Client application throws the below exception

System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> System.ComponentModel.Win32Exception (0x80090308): The token supplied to the function is invalid
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)

Is there anything i am missing? In the .NET Client application i had set the protocol version to TLS13.

Thanks in advance.

are you the server or the client? Check that the server & Client has a matching cipher — Allanckw, May 13 '22 at 13:03
Client. I did check the cipher and both have a matching cipher — subbaraoc, May 13 '22 at 13:09
is server only configured to 1.3 only? What version of .net are u on? — Allanckw, May 14 '22 at 14:04
@Alander: Yes,i am using .NET 6 and i had tried with .NET Framework as well which is giving a different exception altogether — subbaraoc, May 15 '22 at 14:31
Did you check the server can support tls1.3? However it is only supported on newer Window's OS versions (windows 11 and server 2022+), — Allanckw, May 16 '22 at 15:04

score 0 · Answer 1 · answered May 16 '22 at 15:09

0

Try the below before you call the server if server is also on windows 2022+

Otherwise it will not work if server is not 2022+

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls13

answered May 16 '22 at 15:09

Allanckw

641
1
6
17

Thanks for the response. Even after setting the SecurityPRotocol to Tls13 i get the same exception – subbaraoc May 18 '22 at 05:56
1

it says authentication fails, how are you authenticating to the server? – Allanckw May 21 '22 at 10:18

"System.ComponentModel.Win32Exception (0x80090308): The token supplied to the function is invalid" when TLS13 is enabled

1 Answers1