azure-pipelines-tasks: PublishSymbolsV2 task - Doesn't Support TLS 1.2

Required Information

Question, Bug, or Feature?
Type: Bug

Enter Task Name: PublishSymbolsV2

Environment

Server - Azure Pipelines or TFS on-premises?
- If using TFS on-premises, provide the version:
- If using Azure Pipelines, provide the account name, team project name, build definition name/build number: N/A
Agent - Hosted or Private:
- If using Hosted agent, provide agent queue name: N/A
- If using private agent, provide the OS of the machine running the agent and the agent version: N/A

Issue Description

Receiving the following message when TLS 1.0 and 1.1 is disabled on a windows agent:

Exception occurred: System.Net.WebException
##[error]The underlying connection was closed: An unexpected error occurred on a receive.

I believe this is caused by not setting [Net.ServicePointManager]::SecurityProtocol in the powershell script to allow use of TLS 1.2. There is no way to do this currently in this task.

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 17 (3 by maintainers)

Most upvoted comments

@carl-tanner Same issue with agent version 2.204.0 and 2.203.0 task.

==============================================================================
Task         : Index sources and publish symbols
Description  : Index your source code and publish symbols to a file share or Azure Artifacts symbol server
Version      : 2.203.0
Author       : Microsoft Corporation
Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/build/index-sources-publish-symbols
==============================================================================
Found 1 files.
Skipping indexing.
Symbol Request Name = ***
Exception occurred: System.Net.WebException
Exception occurred: System.Net.WebException
Exception occurred: System.Net.WebException
Exception occurred: System.Net.WebException
Exception occurred: System.Net.WebException
##[error]The underlying connection was closed: An unexpected error occurred on a send.

nuzolx on Jul 13, 2022

This is now a blocking issue, Azure DevOps now requires TLS1.2 on all connections.

https://devblogs.microsoft.com/devops/deprecating-weak-cryptographic-standards-tls-1-0-and-1-1-in-azure-devops-services/

This is causing pipelines to fail. Can we have a resolution as soon as possible ?

As a workaround, I used the PoweSshell script referenced here: https://github.com/microsoft/azure-devops-tls12 and applied the suggested mitigations.

ocitrev on May 16, 2022

The TLS 1.0 and 1.2 brownout today has highlighted this as still an issue.

@carl-tanner The changes have been approved back in December, are they being merged and a new version pushed any time soon?

scp-mb on Mar 22, 2022

This is now a blocking issue, Azure DevOps now requires TLS1.2 on all connections.

https://devblogs.microsoft.com/devops/deprecating-weak-cryptographic-standards-tls-1-0-and-1-1-in-azure-devops-services/

This is causing pipelines to fail. Can we have a resolution as soon as possible ?

As a workaround, I used the PoweSshell script referenced here: https://github.com/microsoft/azure-devops-tls12 and applied the suggested mitigations.

For anyone landing here, still having the same issue, the solution above solves the issue.

FokkoVeegens on Dec 4, 2023

Seeing this issue with 2.210

v-kevinwong on Nov 3, 2022

Still an issue, any updates?

luizgrs on Sep 12, 2022

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

github-actions[bot] on Feb 6, 2022