FAQ #20558, published on 2020-10-02
How to cope with the error code 100138 when accessing a Web server?

Sending an HTTPS request, calling a REST API, consuming a SOAP webservice, or asking for authentication with AuthIdentify, all these actions may fail with this kind of error message:

HTTPSend function

System error sending HTTP request.

Error code: 100138

This error means that the encryption of the connection is not possible. The encryption failure can be related to:

  • the request,

  • the configuration of the workstation,

  • the certificate on the server.

The following actions might be performed:

  • Check whether the URL does not contain spaces or characters that do not conform to the URL protocol.

  • If an HTTPRequest/restRequest variable is used, check whether its given headers do not include an ["accept-encoding"].

  • Make sure that the Windows version and security settings of the station are up-to-date.

  • Make sure the server supports TLS 1.2, which is now the minimum version required by servers hosting secure websites or webservices. SSL 2.0 is also a prerequisite.

  • Update the certificate databases of the station:

Test the URL in Internet Explorer or Edge. This may be enough to force the system to validate the certificate.

if the request fails again, replace the HTTPSend function with the HTTPrequest function. The HTTPrequest function forces the root certificates to be updated. (In version 26, HTTPSend will also force this update.)

If the request still fails, it might be because the certificate is not issued by a trusted authority. It is possible to force its recognition by a calling the TrustedCertificateAdd function.

Special cases :

The station cannot have TLS 1.2 and the call is made with the HTTPRequete function.

Try replacing the call of the HTTPRequest function by a call of HTTPSend with a variable of type HTTPRequest, or call HTTPparameter( httpParameterMode, 2) before calling HTTPRequest.

The station cannot have TLS 1.2 and the call is made with the AuthIdentify function.

Try calling HTTPparameter( httpParameterMode, 2) before calling AuthIdentify.

For both cases it is, however, strongly recommended trying to enable TLS 1.2 first.