Skip to the content

TLS Error When Submitting VAT Returns

Dynamics NAV MTD HMRC could not create SSL/TLS secure channel

Companies trying to use the Making Tax Digital (MTD) functionality in Microsoft Dynamics NAV have been having issues connecting to HMRC due to a connection error. We have had several support calls from customers running Dynamics NAV who have been unable to submit VAT returns due to a warning that the system could not create an SSL/TLS secure channel. In this article, we look at who is affected, what the issue is and how to resolve the problem. 

Dynamics NAV 2015, MTD, HMRC, TLS 1.2

This week we have dealt with calls from a number of customers running NAV 2015 who have been unable to submit VAT returns due to the below error: 

dynamics NAV hmrc ssl tls secure channel could not be established

"Connection to the remote service could not be established.

The request was aborted: Could not create SSL/TLS secure channel."

It appears that in the last few weeks HMRC have started to require TLS 1.2 on the connection from NAV.  Later versions of NAV handle this natively, but older versions of NAV default to TLS 1.0. 

There are a number of approaches to resolving this which look like they would work.  We used and tested no.1 on the list - updating CAL code. However, in a situation where you cannot modify the CAL code in NAV the others could be useful. 

For any of the below options you would need to enable TLS 1.2 at the Windows Server level as per this link

Transport Layer Security (TLS) registry settings | Microsoft Docs. This might vary for different versions of Windows though.

1 Updating CAL code

We copied the below functions from later versions of NAV:

codeunit 10 type helper CAL editor

Codeunit 1297 http Web Request Mgt

And finally the below line of code:

codeunit 1297 http web request mgt

This specifies that when NAV creates the TLS connection to HMRC’s servers version 1.2 should be used. 

2 Modifying the registry

You could default everything to TLS 1.2. This would be sensible anyway from a security standpoint but may effect systems other than NAV so will require more testing. 

3 Modifying the config file for the middle tier to default to TLS 1.2

In writing this blog article, I found the below, which suggests there might be an easier way to make NAV default to TLS 1.2. 

How to get earlier versions of the Dynamics NAV development environment to work with TLS 1.2 - Microsoft Dynamics 365 Blog

It’s not clear if this setting would affect connections being made by an external .NET control, or just those from the NAV executable, such as the connection to the SQL server. 

It looks like all that is needed is to add a SecurityProtocolkey with a value of Tls12 or 3072 to the "C:\Program Files\Microsoft Dynamics NAV\80\Service\Microsoft.Dynamics.Nav.Server.exe.config" and any other instances.  I have not tested but will try it if I see the issue again  

Expert support from our UK Dynamics support team

Our UK support team have a structured approach to Dynamics support, whether for Business Central or Dynamics NAV. This means that we can process support calls in a timely and effective manner. With extremely technical resource in the team, we are able to help with some extremely complex support calls for Dynamics. But it is not just about technical capability; we want to make sure that our customers are happy with the service that we provide them. With every support call there is an opportunity to provide sentiment in the form of a thumb up or a thumb down with just one click. Since we implemented this in May, the team have been doing an incredible job... as you can see below: 

98% dynamics support thumbs up
On the rare occasion a customer does give us a thumbs down, we know who it is was and can follow up to make sure we resolve the issue. This means that we can ensure a positive ongoing relationship; a true partnership. 

Dynamics support

David Curd

Dave is one of the longest serving members of our support team. His technical expertise means that he can provide support to even the most complex support problem, whether that is in Dynamics NAV, Dynamics 365 Business Central, or for something more back end such as SQL or Azure. 

Partner with the Experts

With over 300 years of combined experience in Microsoft business solutions, our team will help to get you up and running, as well as building a partnership that keeps you supported, all from our UK offices. 

From functionality and licensing to business strategy, we like your questions; contact our experienced team for open, honest and reliable advice so that we can find the answers.