Re: Getting error "the client and server cannot communicate, because they do not possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

[Timothy Bish]

Please direct support questions to the users mailing list, this list is 
for discussion of development of the ActiveMQ project and not meant for 
user support questions.

On 11/4/19 11:32 AM, adongare wrote:
Hi team,
Getting error "the client and server cannot communicate, because they do not
possess a common algorithm" on .Net Framework 4.0 with TLS 1.2 settings and
using Apache.NMS 1.7.1 and Apache.NMS.ActiveMQ 1.7.2 Nuget packages

I am trying to connect ActiveMQ server after migrating my code to TLS 1.2
and getting below error while creating the session. Below line is erroing
out.

this.Session = this.Connection.CreateSession(acknowledgementMode);

Below is my c# code:

protected virtual void CreateSession(AcknowledgementMode
acknowledgementMode)
                {
             ServicePointManager.SecurityProtocol =
(SecurityProtocolType)3072 | SecurityProtocolType.Tls;
             
			var connectionFactory = new NMSConnectionFactory(this.BrokerUri);

                        this.Connection = connectionFactory.CreateConnection();
                        this.Session = 
this.Connection.CreateSession(acknowledgementMode);
                        this.Destination = 
this.Session.GetDestination(this.DestinationName,
this.DestinationType);
                }

Below is Error stack trace:

System.Security.Authentication.AuthenticationException: A call to SSPI
failed, see inner exception. ---> System.ComponentModel.Win32Exception: The
client and server cannot communicate, because they do not possess a common
algorithm
    --- End of inner exception stack trace ---
    at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken
message, AsyncProtocolRequest asyncRequest, Exception exception)
    at
System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken
message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32
count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst,
Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult
lazyResult)
    at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost,
X509CertificateCollection clientCertificates, SslProtocols
enabledSslProtocols, Boolean checkCertificateRevocation)
    at Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport.CreateSocketStream()

the attached image has TLS 1.2 setting  on my development machine:

<http://activemq.2283324.n4.nabble.com/file/t379703/TLS-settings.png>
I tried many solutions by searcing online but noting worked. Could you
please help me?




--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-f2368404.html


--
Tim Bish