Could not create SSL/TLS secure channel

Hi everyone,

I am still relatively new to Okta and its API, I have inherited a number of Powershell scripts used for administrative tasks on the system. Recently these scripts stopped working in our Okta dev/sandbox environment and fail with the error:

Exception calling "GetResponse" with "0" argument(s): "The request was aborted: Could not create SSL/TLS secure channel."

However the exact same script works fine in our Okta production environment, they both use TLS1.2, same ciphers. The workstation I am running the script on has now problem accessing our Okta dev environment via its web interface.

I would be grateful for any advice or pointers!

As of today, Okta production env still offers TLSv1/v1.1/1.2, while the preview env only works with TLSv1.2. Most likely it’s something on your side (script, network library, network infrastructure, etc) that prevents TLSv1.2 from being used.

It turned out that Powershell was defaulting to TLSv1 and this was being rejected. If anyone else is having the same issues with Powershell and the Okta API then you can add the following to your scripts/modules to explicitly use TLSv1.2

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

It’s good to know, thanks for sharing. From this tip, I also found this approach by appending TLSv1.2 support:


This makes the script backward compatible with servers that are not up to TLSv1.2 yet.

2 Likes

Glad you got it working!

@ca_aidan Out of curiousity, can you share what version of Windows and PowerShell you are using?

$PSVersionTable

at a posh prompt will output the shell version.

Name Value


PSVersion 5.1.16299.431
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
BuildVersion 10.0.16299.431
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1