If you are using custom C# .Net code to connect to SharePoint Online (Microsoft 365) and suddenly start receiving error message "The underlying connection was closed: An unexpected error occurred on a send.", you have reached the right place, lets fix this together.
You may also see a trace with message "Authentication failed because the remote party has closed the transport stream."
This could be a connection failue from Azure App Service to SharePoint, or custom .Net code (Task Schedular / Windows Service / Console) to SharePoint.
⚠️ Why connection failed at System.Net.HttpWebRequest.GetResponse() ?Most probably, you may be using TLS 1.0 or 1.1 with .Net Framework 4.0 or 4.5 in your C# code.
This is a common problem for legacy applications.
The Transport Layer Security (TLS) 1.0 and 1.1 protocols are deprecated for the Microsoft 365 services. There was temporarily halt due to COVID-19 situation, but TLS 1.2 enforcement is now rolling out.
⭐ What is TLS (Transport Layer Security) ?Office client relies on Windows web service (WINHTTP) to send and receive traffic over TLS protocols.
Transport Layer Security (TLS) secures communication between computers, most commonly with Hypertext Transfer Protocol Secure (HTTPS). Older protocol versions of TLS are less secure than TLS 1.2 and TLS 1.3 and are more likely to have new vulnerabilities.
Older protocols should be avoided to minimize risk and deprecated security protocols should not be used.
By default, .Net Framework 4.5.1 uses TLS 1.0. Does not matter if the platform supports newer TLS protocol versions. Due to this reason, your custom application cannot connect to SharePoint Online and throws connection exception.
⭐ How to enable TLS 1.2 in C# code ?
- Upgrade your application to .NET Framework 4.7.* or newer so it automatically uses TLS 1.2 by default. This is not the easiest approach and may require re-compiling the application.
- Manually force the code to use TLS1.2 protocol (System.Net.Http.HttpClient)
- Manually specify in code to use either of the TLS protocols (preferred approach)
- Update the associated configuration file to use the strongest available cryptography
- Update the associate configuration file to use TLS 1.2 by changing the target framework runtime
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
ServicePointManager.SecurityProtocol = ServicePointManager.SecurityProtocol Or SecurityProtocolType.Tls12 And Not (SecurityProtocolType.Ssl3 Or SecurityProtocolType.Tls Or SecurityProtocolType.Tls11)
ServicePointManager.SecurityProtocol = (SecurityProtocolType)768 | (SecurityProtocolType)3072
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls Or SecurityProtocolType.Ssl3
<?xml version="1.0" encoding="utf-8"?> <configuration> <runtime> <AppContextSwitchOverrides value="Switch.System.Net.DontEnableSystemDefaultTlsVersions=false"/> </runtime> </configuration>
<configuration> <system.web> <compilation targetFramework="4.5.1" /> <httpRuntime targetFramework="4.7.2"/> </system.web> </configuration>
⚡️ .NET frameworks and TLS support
- .NET 4.6 and above - Supports TLS 1.2 by default. Upgrade code to this version if possible, this is a long term solution.
works well, no changes needed
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
no workaround, only upgrade is a solution
Have Questions? Post them here!
- Move Copy Migrate SharePoint OneDrive files folders to different site collection location
- How to generate client id and secret to register SharePoint App with OAuth
- How to share SharePoint site or document with all users in organization
- Get-ADUser PowerShell - Get AD user details using email address
- error CAML Query containing special characters
- Access URL for SharePoint Tenant Admin Center (Online Office 365)
- Fix SharePoint Error - The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started
- SharePoint - The URL is invalid. It may refer to a nonexistent file or folder, or refer to a valid file or folder that is not in the current Web.
- How to delete SharePoint List Item programmatically using C#.Net
- How to Share Microsoft SharePoint Site with Users or Groups
- JSON column formatting to preview SharePoint Online file on mouse hover
- SharePoint List redirect user after submitting form NewForm.aspx
- See actual SharePoint error exception modify web.config
- SharePoint Server 2016 IT Preview Deprecated Removed features
- How to create SharePoint Document Library
- How to Get or Set SharePoint Document ID _dlc_DocId using PowerShell
- How to disable SharePoint subsite creation option for owners
- PowerShell - How to use Try Catch Finally blocks for error exception handling (Windows/SharePoint)
- SharePoint error - Your organization doesn't allow sharing with users from this domain. Please contact your IT department for help. (OSE403)
- [Solved] SharePoint Search Internal server error exception
- How to wrap column text in SharePoint Online Modern List Grid View using JSON formatting
- How to extend retiring SharePoint 2010 Workflows and continue with Office 365
- Changed AD user display name showing old name in SharePoint
- How to hide or remove quick launch left navigation from SharePoint Online Modern site page
- How to enable anonymous public access for SharePoint Online site collection, file, folder without login ?
- 3 Commands to stop Nginx Server - Linux
- PHP Script to Upload Images to Server - PHP
- How to create a New Project in Visual Studio Code (VS Code) - HowTos
- [Solution] Alpine Docker apt-get: not found - Docker
- Fix: zsh: command not found: aws (Mac/macOS) - AWS
- How to run React Native App using Android Studio Emulator - Android-Studio
- Take Screenshot on Mac OS X (Keyboard Shortcuts) - Mac-OS-X
- [Android Studio] How to locate code for activity_main.xml - Android-Studio