InvalidOperation: The request was aborted: Could not create SSL/TLS secure channel

I am seeing this failure attempting to run a “DEPLOY A WINDOWS SERVICE” step on one machine.

Confusingly, this step runs fine on 4 other servers and other deploy steps, including deploying services, work on this same server.

Edit: The error in the log looks like
InvalidOperation: The request was aborted: Could not create SSL/TLS secure channel.
At S:\Octopus\Applications\www<>\2.13.555\Octopus.Action.CustomScripts.PreDeploy.ps1:5 char:5
Invoke-WebRequest "https://dist.nuget.org/win-x86-commandline/lat
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
at , S:\Octopus\Applications\www<>\2.13.555\Octopus.Action.CustomScripts.PreDeploy.ps1: line 5
at , : line 1
at , S:\Octopus\Applications\www<>\2.13.555\Octopus.FunctionAppenderContext.ps1: line 185
at , S:\Octopus\Applications\www<>\2.13.555\Bootstrap.Octopus.FunctionAppenderContext.ps1: line 2625
at , : line 1
at , : line 1

I’m trying to find what makes this specific step on this specific server special.

I confirmed each deploy step pulls from the same artifact server.

I have uninstalled and reinstalled the latest version of the tentacle.

I am running on server v2021.1.7316

I cloned the steps that were failing into a separate deploy pipeline but have not recreated, yet.

Any suggestions on items I can review to try to address?

Thanks,
Brian

Hi Brian,

Welcome to the Octopus community. Sorry to hear you’re having issues deploying a service.

I have a few questions to help us better understand the issue, so I hope you don’t mind me asking. Which version of Tentacle is installed on the target server? Which operating system version are you using on the server? You can run winver to check quickly. Are you able to provide us with a log section that shows a service being successfully deployed on this server?

It looks like there may be a protocol or cipher missing from this specific server, so you might try using a tool like IIS Crypto to set the OS version defaults and then make sure TLS 1.2 is enabled as a protocol, as we’ve seen this causing similar issues in the past.

Lastly, it might be helpful if we can review the JSON steps from your deployment process under Project > Deployments > Process > 3 dots in upper right > Download as JSON, as we will be able to go through your process in more detail and perform testing if needed.

Kind regards,
Patrick

Thank you!

I was not aware of the Download as JSON option.

I was a bit concerned with sharing the full json. I wasn’t sure if there would be credentials shared.

So I compared the json for the successful and failing steps.

I’m embarrassed to say that I found a custom script left over from a very early configuration. I had missed that when comparing through the UI because I have not used those for a long time.

Removing the custom script corrected the problem.

Looking at the error message it seems so obvious now :slight_smile:

Thanks again for pointing me in the right direction,
Brian

Hi Brian,

Thanks for getting back to me and I’m glad to hear you were able to fix your issue by comparing the JSON outputs. That’s a great use for that feature.

I completely understand your reluctance in sharing potentially sensitive data (i.e the JSON download), but note in the future you can send these and other sensitive files to us in support as a direct message rather than attaching them to the public post by clicking a user’s avatar > Message.

Let us know if you have any further questions or encounter any other issues.

Best,
Patrick

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.