Error When Forcing DNN to Use TLS 1.2 for Outbound Connections: 'Registry unreachable'

Overview

Customers integrating DNN with third-party modules or applications require outbound connections to be delivered via TLS (Transport Layer Security) 1.2 or above.

However, forcing DNN to use this protocol can result in connection issues with the third-party integrations. For example, you may see the following registry error when trying to access Content > Content Library:

Message:Registry unreachable
StackTrace:
at Evoq.Microservices.Framework.Registry.RegistryService.d__6.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Evoq.Microservices.Framework.Registry.RegistryService.GetEndpoint(String serviceName, String defaultEndpoint) at Evoq.Analytics.Components.ServiceEndPointsRepository.GetAnalyticsApiUrl()
InnerMessage:An error occurred while sending the request.
InnerStackTrace:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Evoq.Microservices.Framework.Registry.RegistryService.d__6.MoveNext()

 

This article shares the resolution of this issue.

Warning: The steps shared in this article are not an officially supported workaround/fix for this issue. It is a suggestion that we have seen work previously. Additionally, since these changes force the app pool to recycle, it is best to perform these steps outside of business hours.

 

Root Cause

DNN is not set up to force the usage of the TLS 1.2 protocol.

 

Requirements

The user performing the steps mentioned in this article needs to have:

  • Access to the root DNN installation folders; and
  • SuperUser/Host access to the platform. 

 

Process

Instruct the affected users to do the following:

1. Download the DotNetNuke.Security.Tls12.dll file from the Davidjrh Github repository.

tls12.jpg

2. Place the .dll file in the ~/bin folder of the DNN installation. 

3. Confirmation: Check the previously broken connection with the third-party application or module.

Comments

0 comments

Please sign in to leave a comment.