question

EeraertsSenne-0677 avatar image
5 Votes"
EeraertsSenne-0677 asked VigneshSukumar-0037 answered

Azure Logic Apps - Http Action request failed with status code 'SecureChannelFailure' and status message: 'The request was aborted: Could not create SSL/TLS secure channel.

Hi,

I am trying to set up an HTTP Action in a Consumption Azure Logic App but when trying to do so, the HTTP call always fails with a SecureChannelFailure. Googling this issue hasn't made me any wiser since i don't see anyone complaining on this issue, therefore my question:

The client provided us with a Certificate (.PFX extension and is a valid Certificate) with what we will have to authenticate ourselves when making the request.
The Error:


184036-image.png

The header composes of some fields and a JWT Token that is also valid and was tested.
The Authentication is a Client Certificate specified in the Logic App Workflow:

184044-image.png

The Call:

183998-image.png


Please let me know if you require more information but at this point I don't understand why My Logic App call is failing after 4 retries and this error is thrown.

(The certificate is Base64 Encoded via the following way , as suggested by MS, https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app?tabs=azure-portal#client-certificate-authentication)

Thanks in advance!

azure-logic-apps
image.png (12.0 KiB)
image.png (11.7 KiB)
image.png (28.2 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FYI: The certificate is NOT Self-Signed since I was worried that the issue might be related to Self Signed Certificates in a Multi tenant Environment etc ...

0 Votes 0 ·

1 Answer

VigneshSukumar-0037 avatar image
0 Votes"
VigneshSukumar-0037 answered

Hi EeraertsSenne-0677,
The steps you mentioned are right to enable the certificate based authentication, the error indicates a fault response from the called service.
This could be due to the TLS version mismatch of the called service. Can you check if the called service is >4.6.2 dotnet version (or) if the service/hosted system supports latest TLS versions.

Alternatively , try posting to another LogicApp/APIM based endpoint to isolate the issue with the called service.
Ideally if the certificate is wrong, we will be receiving a 401 unauthorized error.

Thanks,
Vignesh

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.