This article applies to Microsoft BizTalk 2010 Accelerator for RosettaNet (BTARN).
When you use the RosettaNet RNIFSend.aspx send page that has SSL protocol enabled to send messages, you receive an error message that resembles the following:
BizTalk http send error 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'
To make sure that the issue you experience is the same issue that is described here, you can disable the SSL protocol so that the RosettaNet application can accept traffic that is not encrypted. Then, you can use the network traffic monitor (netmon.exe) to capture and review the traffic. By doing this, you can see the different protocols that are used by the partners to communicate. You can also check the protocol that you use and the response protocol.
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.
If the hotfix is available for download, there is a "Hotfix Download Available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website:
http://support.microsoft.com/contactus/?ws=supportNote The "Hotfix Download Available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
To resolve this issue, follow these steps:
Before you apply the hotfix, follow these steps:
Open the Console Root window, and then click Host Instances.
Right click on the running instance and press Stop.
On the desktop, click Start, then click Run
Type inetmgr, and then press Enter to open Internet Information Services (IIS) Manager.
Stop the BAMAppPool, BTARNAppPool and BTARNHttpReceivePool application pools.
Apply the hotfix.
After you apply the hotfix, follow these steps:
In IIS Manager, expand the Server tree, and then expand Sites.
Click BTARNApp, and then click Content View.
Expand BTARNApp Application.
Create an .xml file that is named "SSLConfig.xml."
Open the .xml file that you just created, and add one of the following code blocks, depending on which protocol you want to use:
<?xml version="1.0" encoding="utf-8" ?>
<?xml version="1.0" encoding="utf-8" ?>
<EnableSSLProtocol>TLS</EnableSSLProtocol> Note The operating system that you use must support the protocol that you set in the SSLConfig.xml file.
Start the BAMAppPool, BTARNAppPool and BTARNHttpReceivePool application pools.
Start the BizTalk host instance.
For more information about the SSL and TLS protocols, see the "More Information" section.
To apply this hotfix, you must have the following software installed:
Microsoft BizTalk Server 2010
Microsoft BizTalk 2010 Accelerator for RosettaNet
You do not have to restart your computer after applying this hotfix. However, you must restart IIS and BizTalk Host Instance services.
For information about service packs and cumulative updates for BizTalk Server, click the following article number to view the article in the Microsoft Knowledge Base:
2555976 Service Pack and Cumulative Update list for BizTalk Server For more information about BizTalk Server hotfixes, click the following article number to view the article in the Microsoft Knowledge Base:
2003907 Information about BizTalk hotfixes and service pack support For more information about the SSL and TLS protocol, go to the following MSDN website:
TLS and SSL Technical ReferenceThe third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.