Some of the apps or scripts using PDF.co API may have after September 30 2021 with “certificate expired” error.
This is caused by Let’s Encrypt update for their root certificates.
To fix the error, root certificates need to be updated on your machine
How to update:
Windows
It should update itself as it checks for root certificates updates automatically.
Unix/Linux/RedHat
Then please check this instruction to find how to update root certificates on your computer: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-expired-certificate/
Amazon AWS Lambda
Check this discussion: https://stackoverflow.com/questions/69395823/the-ssl-connection-could-not-be-established-system-security-authentication-auth
Zapier, Integromat, Ui Path, and Other Integrations
Should work OK as they’ve updated certificates on their servers.
Certification Issues in Dot Net Framework Programs
In few cases when calling API from C#/VB.NET programs, it raises error like “The request was aborted: Could not create SSL/TLS secure channel”.
There are two possible causes for this issue.
- Server Certificate is Expired
- Issue with Dot Net Framework Protocol Selection
1. Server Certificate is Expired
To make sure server certificate is valid you can open API URL in browser and check SSL certificate status. For example, refer to following GIF.
2. Issue with Dot Net Framework Protocol Selection
It is common issue to raise error stating not able to connect securely to SSL/TSL channel. Now, reason behind this is due to fact that different version of dot net framework uses specific default protocol to for HTTP Requests.
Consider following table.
Framework Version | Default Protocols |
4.5 and earlier | SSL 3.0, TLS 1.0 |
4.6.x | TLS 1.0, 1.1, 1.2, 1.3 |
4.7+ | System (OS) Defaults |
Please refer to this SO answer for more information.
There are two workarounds to fix this issue in your C#/VB.NET program.
1. Change your project’s dot net framework to 4.6 or above.
2. If you are using earlier version that 4.6, specify security protocol to use in your code.
For example, consider following code snippet.
// Specify Security Protocol ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; // Create standard .NET web client instance WebClient webClient = new WebClient(); // Set API Key webClient.Headers.Add("x-api-key", API_KEY); // 1. RETRIEVE THE PRESIGNED URL TO UPLOAD THE FILE. // * If you already have a direct file URL, skip to the step 3. // Prepare URL for `Get Presigned URL` API call string query = Uri.EscapeUriString(string.Format( "https://api.pdf.co/v1/file/upload/get-presigned-url?contenttype=application/octet-stream&name={0}", Path.GetFileName(SourceFile))); try { // Execute request string response = webClient.DownloadString(query); ...
Here, we’re specifically choosing 3072 as SecurityProtocol.
Certification related issues in NodeJs Programs
Normally we encounter SSL certification related issue in NodeJs samples where node version is 8.00 or older. It fails with SSL verification because it has some old libs. Upgrading version resolves issue.