Constant Contact wants to help you succeed! We’re celebrating our professional service programs on the Constant Contact Community this month and you have a chance to try one of the services for free! Learn more.
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
I've had the Constant Contact API up and running perfectly now for a couple years, no issues what-so-ever, then just recently, this started popping up. No recent changes in the website or server, it just started happening "out of the blue", yet the API is still continuing to work?
Some settings just changed on our side regarding security protocols. Any servers/networks using SSL 3 or TLS 1.0 with an RC4 cipher will not be able to connect to us via the API any longer, to mitigate the risk posed by some well-known security exploits (heartbleed, or man-in-the-middle attacks, to name 2).
More details are at http://techblog.constantcontact.com/api/release-updates/support-ending-for-tls-v1-0-rc4-cipher-and-s... Sorry for the inconvenience. Upgrading to a newer security protocol, like TLS 1.1 or 1.2, should stop the issue from occurring.
Partner API Support Engineer
So from a Win 2003 box, really the only option is TLS 1.0 3DES? (If you're saying RC4 is unacceptable, I'm assuming RC2 is unacceptable and DES is as well since they are both weaker encryption schemes)
I want to apologize for the delay in getting you this info!
The security changes that we made were to prevent attackers from using the GHOST exploit to decrypt secure traffic to/from our API. These changes have made it so that it is no longer possible to use SSLv3, as well as disabling the use of the RC4 cipher for SSL connections. The best way to address this is to use this patch by Microsoft which enables the use of AES ciphers with TLSv1.0 in Server 2003. http://support.microsoft.com/kb/948963
If you have any questions, please let me know!