This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 75%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Visual Studio 2022 gives an error when trying to browse NuGet.
I get these errors on 2 different Windows Servers (2016) I’ve tried. One running Visual Studio 2017, the other running Visual Studio 2019 and 2022.
Visual Studio 2017:
“[nuget.org] Unable to load the service index for source https://api.nuget.org/v3/index.ison.
An error occurred while sending the request.
The underlying connection was closed: An unexpected error occurred on a send.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
An existing connection was forcibly closed by the remote host.”
Visual Studio 2022:
[nuget.org] Unable to load the service index for source https://api.nuget.org/v3/index.json. An error occurred while sending the request. The underlying connection was closed: An unexpected error occurred on a send. Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. An existing connection was forcibly closed by the remote host
Note that we do not use a proxy.
Loading https://api.nuget.org/v3/index.json with both Chrome and Edge work.
Loading https://api.nuget.org/v3/index.json with Internet Explorer returns:
“This page can’t be displayed
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://api.nuget.org again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.”
Things I’ve tried that have failed to resolve it
updated Visual Studio
Clearing nuget cache from within Visual Studio
Deleted NuGet.Config from C:\Users\<user>\AppData\Roaming\NuGet
Modified C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\devenv.com based on tips I found. I know it’s possible that what I changed was not correct. Reverted back.
Registry changes:
Computer\HKEY LOCAL MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client
Computer\HKEY LOCAL MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
Computer\HKEY LOCAL MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client
DisabledByDefault = 1
Enabled = 0
Computer\HKEY LOCAL MACHINE\SYSTEM\ CurrentControl Set) Control SecurityProviders \SCHANNEL\Protocols\TLS 1.2\Client
DisabledByDefault = 0
Enabled = 1
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v2.0.50727
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319
SchUseStrongCrypto = 1
SystemDefaultTlsVersions = 1
Tried moving the server's Active Directory object out of the current AD OU which has a Group Policy configured with specific ciphers enabled, and the order of preference, into a new OU with this NOT configured.
Tried disabling anti-virus software
Reference links, things I've tried or looked into:
https://learn.microsoft.com/en-us/security/engineering/solving-tls1-problem
https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/enable-support-tls-environment?tabs=azure-monitor%22%20%5Cl%20%22registry-strings
https://stackoverflow.com/questions/41185443/nuget-connection-attempt-failed-unable-to-load-the-service-index-for-source
At this point, I'm run out of ideas. It seems like Visual Studio is not adhering to the system's default TLS settings (1.2) but it could possibly be something else.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 14.000000000000002%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESJ%3C/text%3E%3C/svg%3E)
Hi,
We had this issue today, this was resolved out end by adding TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 into HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002
Also ensured only 'Use TLS 1.2' was enabled in IE Options, and no proxy settings were set up.
Hope this helps.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 14.000000000000002%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVC%3C/text%3E%3C/svg%3E)
Did you add a new key, a new string value or modified an existing one ? Please provide a bit more info, thank you !
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 44%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Add new KEY
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 16%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJD%3C/text%3E%3C/svg%3E)
I had this same issue. This answer absolutely worked for me. You have to go to the registry editor and add: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
as a new key/new string value (I did both). create the new item then rename it.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 45%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
For anyone hitting a 401, about a week after changing my corporate password all Visual Studio versions started using old credentials. Deleting all the credentials cached in Credential Manager (search for it in the start menu) fix me up. I never knew that existed, but thankfully our help desk did!
I posted this question on an internal Slack channel and someone responded there with a similar reply.
I added these two to our GPO and it fixed it.
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Thanks for your help!
Can you elaborate ? What's GPO ? Did you add a new key, or a new string/value new binary value ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 45%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
@Vincent Castagna I have the same question. The frequent use of initialisms is annoying. I think GPO is referring to Group Policy Objects but I'm not sure.
Like you also asked, it would be helpful if they explained how they added these keys to the registry.
Yeah, GPO is Group Policy Object. I added the two mentioned lines to it using Group Policy Management Console but we do it for a policy that applies to multiple servers.
https://learn.microsoft.com/en-us/windows-server/security/tls/manage-tls
For a single server, you can do it using regedit, like how SlyJack suggested.
More info here:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 69%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAD%3C/text%3E%3C/svg%3E)
I had a very similar issue and so did what @Sly, Jack and @mindmischief recommended
Thank all. This totally saved my butt after 3 days trying to solve the NuGet issue with VS22. My trouble began when I uninstalled Windows PowerShell. Don't do that, it totally screwed package management for PS and VS. At least now, VS is working again.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 85%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
How to add below to registry editor? Which option to chose from?
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Thanks. Can you tell me which option to chose for adding?