ISHRemote could not create session: New-IshSession: The requested security protocol is not supported.

I was trying to connect to Tridion Docs via ishRemote. The ISHRemote module is installed on the SAME instance of Tridion Docs. The default TLS protocol combination was Ssl3, Tls. Security issue occurred even if I set appropriate TLS protocols (see below)

However, If I connect to Tridion Docs from another computer (also installed ISHRemote module of same version), the session was created successfully.

The version of ISHRemote module is 7.0.0

 

PS C:\Users\Administrator> $psversiontable

Name Value

---- -----

PSVersion 5.1.14393.7330

PSEdition Desktop

PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}

BuildVersion 10.0.14393.7330

CLRVersion 4.0.30319.42000

WSManStackVersion 3.0

PSRemotingProtocolVersion 2.3

SerializationVersion 1.1.0.1

PS C:\Users\Administrator> [Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"

PS C:\Users\Administrator> $ishSession = New-IshSession -WsBaseUrl localhost/.../ -IshUserName "Admin" -IshPassword "admin"

New-IshSession : The requested security protocol is not supported.

At line:1 char:15

+ ... shSession = New-IshSession -WsBaseUrl localhost/.../ -IshUs ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidOperation: (:) [New-IshSession], NotSupportedException

+ FullyQualifiedErrorId : -1,Trisoft.ISHRemote.Cmdlets.Session.NewIshSession

emoji
Parents
  • Hi Lihao,

    In the end Security Protocol is a handshake done between the Server and Client as part of your Operating System and .NET runtime environment. Where ISHRemote is a client consuming the Client operating system and .NET runtime. In your problem scenario the Client and the Server are the same machine.

    On the Client you are defining 4 protocols, even unsecure Ssl3 is mentioned. Lines like [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 are probably ignored as ISHRemote through class IShSession sets the Client to negotiate with the availalbe secure options, see code on github.com/.../IshSession.cs

    1. What I do notice in your example is that you mention "localhost" as -WsBaseUrl parameter. How is the full url working? Can I assume it is https://localhost/?
    2. Preferably update your ISHRemote v7 edition to latest v8.1, in case there are still issues, they will only be fixed on latest version. Latest ISHRemote works on previous Tridion Docs versions. Can you do that?
    3. Can you run your New-IShSession cmdlet but add a -Debug flag so we perhaps see near which log statement the .NET Framework error is thrown?

    Best wishes,
    Dave

    emoji
  • Hi Dave,

    Recently I tried again with `-Debug` argument. I noticed "PS5.1/NET48 forces Assembly Redirects for..."

    then I suspect that the lack of NET4.8 leads to the certain fallback behavior when running powershell modules.

    Therefore I installed NET4.8 and problem was solved.

    Screenshot of a PowerShell interface with a debug message about New-IshSession command. It shows a warning 'The requested security protocol is not supported.'

    Thank you for your kindly help ;D

    emoji


    Generated Image Alt-Text
    [edited by: RWS Community AI at 7:12 PM (GMT 0) on 18 Dec 2024]
Reply Children
No Data