Some of the apps or scripts using PDF.co API may have after September 30 2021 with “certificate expired” error.

This is caused by Let’s Encrypt update for their root certificates.

To fix the error, root certificates need to be updated on your machine

How to update:

Windows

It should update itself as it checks for root certificates updates automatically.

Unix/Linux/RedHat

Then please check this instruction to find how to update root certificates on your computer: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-expired-certificate/

Amazon AWS Lambda

Check this discussion: https://stackoverflow.com/questions/69395823/the-ssl-connection-could-not-be-established-system-security-authentication-auth

Zapier, Integromat, Ui Path, and Other Integrations

Should work OK as they’ve updated certificates on their servers.

Certification Issues in Dot Net Framework Programs

In few cases when calling API from C#/VB.NET programs, it raises error like “The request was aborted: Could not create SSL/TLS secure channel”.

There are two possible causes for this issue.

  1. Server Certificate is Expired
  2. Issue with Dot Net Framework Protocol Selection

1. Server Certificate is Expired
To make sure server certificate is valid you can open API URL in browser and check SSL certificate status. For example, refer to following GIF.

Check SSL in browser

2. Issue with Dot Net Framework Protocol Selection
It is common issue to raise error stating not able to connect securely to SSL/TSL channel. Now, reason behind this is due to fact that different version of dot net framework uses specific default protocol to for HTTP Requests.

Consider following table.

Framework Version Default Protocols
4.5 and earlier SSL 3.0, TLS 1.0
4.6.x TLS 1.0, 1.1, 1.2, 1.3
4.7+ System (OS) Defaults

Please refer to this SO answer for more information.

There are two workarounds to fix this issue in your C#/VB.NET program.

1. Change your project’s dot net framework to 4.6 or above.

2. If you are using earlier version that 4.6, specify security protocol to use in your code.
For example, consider following code snippet.

// Specify Security Protocol
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

// Create standard .NET web client instance
WebClient webClient = new WebClient();

// Set API Key
webClient.Headers.Add("x-api-key", API_KEY);

// 1. RETRIEVE THE PRESIGNED URL TO UPLOAD THE FILE.
// * If you already have a direct file URL, skip to the step 3.
			
// Prepare URL for `Get Presigned URL` API call
string query = Uri.EscapeUriString(string.Format(
	"https://api.pdf.co/v1/file/upload/get-presigned-url?contenttype=application/octet-stream&name={0}", 
	Path.GetFileName(SourceFile)));

try
{
	// Execute request
	string response = webClient.DownloadString(query);
...


Here, we’re specifically choosing 3072 as SecurityProtocol.

Certification related issues in NodeJs Programs

Normally we encounter SSL certification related issue in NodeJs samples where node version is 8.00 or older. It fails with SSL verification because it has some old libs. Upgrading version resolves issue.