In c# there’s some additional code for webclient to force a SSL handshake (ServicePointManager), or bypass the certificate check (RemoteCertificateValidationCallback) and return true. I don’t know how that would be passed in the script. I’ve hit a brick wall with it because of the cyphers used for the SSL certificate. If you can open the site in Chrome and Firefox but not IE, you’re most likely experiencing the same issue as Chrome and Firefox don’t use the same libraries for https.
Head to SSL Server Test (Powered by Qualys SSL Labs) and test the site.
Look for the W7 section of the analysis. Here’s for my site:
The SSL cyphers are incompatible for W7-W8.1.
EDIT:
Here’s JTR’s post:
FWIW, those registry entries didn’t change anything for me.
If you edit %ProgramFiles(x86)%\SambaPOS5\Samba.Presentation.exe.config with the text pasted below, it will log System.Net calls.
Close SambaPOS and make a backup/copy of Samba.Presentation.exe.config. YOu’ll need that afterwards to replace the edited file.
Paste the code just above </configuration>:
<system.diagnostics>
<trace autoflush="true" />
<sources>
<source name="System.Net">
<listeners>
<add name="System.Net" />
</listeners>
</source>
<source name="System.Net.Sockets">
<listeners>
<add name="System.Net" />
</listeners>
</source>
<source name="System.Net.Cache">
<listeners>
<add name="System.Net" />
</listeners>
</source>
</sources>
<sharedListeners>
<add
name="System.Net"
type="System.Diagnostics.TextWriterTraceListener"
initializeData="System.Net.trace.log"
/>
</sharedListeners>
<switches>
<add name="System.Net" value="Verbose" />
<add name="System.Net.Sockets" value="Verbose" />
<add name="System.Net.Cache" value="Verbose" />
</switches>
</system.diagnostics>
After SambaPOS starts, you will want to clear System.Net.trace.log (located in %ProgramFiles(x86)%\SambaPOS5\) before you try your API call. THere’s a lot of information that’s dumped in the log.
Make your API call and open the log file. From what I’ve been able to find, if you see "The request was aborted: Could not create SSL/TLS secure channel" (like I do), you may be SOL.
I can’t say there isn’t a solution, but I’ve given up trying to find one. I’ll just fallback to http on < W10 machines.
EDIT 2:
You’ll find the line/error I was talking about at the end of the call log. It may look something like this:
System.Net.Sockets Verbose: 0 : [10676] Entering Socket#24827179::Dispose()
System.Net Error: 0 : [10676] Exception in HttpWebRequest#6480969:: - The request was aborted: Could not create SSL/TLS secure channel..
System.Net Error: 0 : [10676] Exception in HttpWebRequest#6480969::EndGetRequestStream - The request was aborted: Could not create SSL/TLS secure channel.
Don’t forget to copy the backup file over the edited one as that log file will grow quickly.