Could not create SSL/TLS secure channel

Happy New Year Smiley Happy


7-Mode 8.2.4

Windows server 2012 R2


I am trying to run my powershell script over https but I got the below error:-

Connect-NaController : Connection to FILERNAME using HTTPS failed - The request was aborted: Could not create SSL/TLS secure channel.
The error may be resolved by generating a new certificate on the storage controller, with a longer key length.
At D:\NetApp\Scripts\7-Mode\7Snap1.ps1:35 char:6
+      Connect-NaController $netapp -Credential $cred -HTTPS
+      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: (FILERNAME:NaController) [Connect-NaController], NaConnectionSSLException
    + FullyQualifiedErrorId : HttpConnectionFailed,DataONTAP.PowerShell.SDK.ConnectNaController



I have increased the key length to more than 2000 (secureadmin setup ssl)but still it is not working. Below are my filer options which I believe should be enough to get it to run over HTTPS.


httpd.access                 none       
httpd.admin.access           host=myhost1,myhost2,myhost3
httpd.admin.enable           off        
httpd.admin.hostsequiv.enable off        
httpd.admin.max_connections  512        
httpd.admin.ssl.enable       on on         
httpd.autoindex.enable       off        
httpd.bypass_traverse_checking off        
httpd.enable                 off        
httpd.ipv6.enable            off        
httpd.log.format             common     (value might be overwritten in takeover)
httpd.method.trace.enable    off        
httpd.rootdir                /vol/vol0/home/http 
httpd.timeout                300        (value might be overwritten in takeover)
httpd.timewait.enable        off      
tls.enable                   on
ldap.ssl.enable              off
ssl.enable                   on         
ssl.v2.enable                off        (same value required in local+partner)
ssl.v3.enable                on         (same value required in local+partner)


If I enable http and run the script over http it works fine. Moreover, I have the same exact configuration on my demo lab and it is working fine even with HTTPS.

I am not sure why it is not working on the production environment. Could it be a server related issue/policy ?


Your help is appriciated.



Re: Could not create SSL/TLS secure channel

Hello ahmada,


happy new year!


Can you access the webfrontend by browser over https ?

Does it produce a warning ?


I guess that the powershell Toolkit uses .net Components for HTTPS Communication.


so you could try out the .NET Foundation to test the connection.

Please see


And try if you can get more information out of it.

To help in Troubleshooting.


Kind Regards



Re: Could not create SSL/TLS secure channel

 Thanks for your replay


Can you access the webfrontend by browser over https ?

Does it produce a warning ?

I got the below error:-




I have checked TLS1.1 and TLS 1.2 and both are enabled.


As for the code in the link provided, I got the below error:



However, in the test lab both tests works fine.


Could it be that some group policy is forced via AD that's causing the issue seen on the production environment ?


Re: Could not create SSL/TLS secure channel

make sure TLS 1.2 is actually enabled on your windows boxes


There were eveidently some "patches" that turned of TLS.


Verify these registry keys:


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]




[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]




you can also check out htis link: