External Connection https handshake failure: https://hazards.fema.gov/gis/nfhl/rest/services/public/NFHL/MapServer

Permanently deleted user

December 28, 2020 21:22

Hi Geocortex Users,

 

 

I am having an issue connecting to an external services.

 

 

At first I thought it was a TLS issue but I implemented the reg_edit steps in the Geocortex article "Connecting to external services with TLS 1.2". My site was able to successfully connect to the tester site: https://services-tlstest.arcgisonline.com/arcgis/rest/services. My server OS is Windows 2012 R2 and .NET is 4.8.

 

 

Note this is related to the GE forum question: "Why can't GE (GE 4.8, HTML5 2.9) connect to this map service (https://hazards.fema.gov/gis/nfhl/rest/services) ? It says "Connection Failed".". However, the solution there does not fix this issue,

 

 

The external service I am having a problem in Geocortex Essentials is the US FEMA National Hydrology Layers. I can connect and use that service in various clients. TLS is all good. However, Geocortex 4.14 cannot connect:

 

    There was an error connecting to the service.

 

    The request was aborted: Could not create SSL/TLS secure channel.

 

    https://hazards.fema.gov/gis/nfhl/rest/services/public/NFHL/MapServer

 

 

FEMA's website says that they only support connections of type "TLS 12. with Cipher Suites" https://hazards.fema.gov/femaportal/wps/portal/NFHLWMS.

 

 

My guess is that my GE IIS server does not have the desired cipher in its suite so handshake fails?

 

 

Anybody have familiarity with connecting to FEMA services and their TLS requirement? 

 

 

Thanks,

 

Wiley

 

Contra Costa County Public Works Department

0

• 

  Permanently deleted user

  December 31, 2020 16:58

  We got the same issue. However, it only happened at our 2012 Window Server, not our 2016 Window Server. Send out a support ticket and hopefully we would get it fixed.

  0
• 

  Stefan Schweigert

  January 03, 2021 19:38

  Hello All,

  We are aware of this issue and I've added your names to the list of stakeholders. This issue only affects Windows Server 2012 R2, which is nearing end of life support by Microsoft.

  Thanks, Stefan

  0
• 

  Permanently deleted user

  January 13, 2021 20:16

  Following. Thanks.

  0
• 

  Permanently deleted user

  February 12, 2021 17:45

  We are having the same issue.

  0
• 

  Stefan Schweigert

  February 12, 2021 18:03

  Hi Jena and Tim,

  I've added your names to the list of stakeholders. As mentioned previously, given the age of this server environment, we suggest that you upgrade to 2016 or 2019, both of which have been confirmed to connect properly with this service.

  Thanks, Stefan

  0
• 

  Marc Rempel

  March 15, 2021 18:54

  Hi,

   

   

  I assume this is still an issue?  Or was a work around ever found?

   

   

  -- Marc

  0
• 

  Permanently deleted user

  March 15, 2021 18:57

  Hi Marc,

   

  Yeah still an issue, the problem is caused when one uses Windows Server 2012 to host geocortex. The solution is to update the Server OS to 2016 or newer. I have not yet done so but I have received confirmation from Geocortex that it will fix the issue.

   

  Thanks,

   

  Wiley

  0

Please sign in to leave a comment.