Cannot connect to Market data stream

I cannot connect to wss://stream.data.alpaca.markets/v2/sip
I have no problem connecting to wss://data.alpaca.markets/stream or any other websocket server i tried including Polygon, TD Ameritrade, and many others.

I’m using fully patched Windows 2012 R2 server running .Net 4.8 app. It appears that windows 202 R2 does not support TLS1.3 I’m not an expert in SSL but based on my Wireshark research I get a connection failure because my client is using TLS1.2 ciphers while your server requires min ver 1.3

If i’m right what is the possible reason for limiting your connection to TLS1.3 clients only?

If i’m wrong please advise on what can possibly be the cause of such failures (see image below)

Connection failure

Hey @SpyToTheSky – we do have 1.2 enabled, based on everything I’m seeing here: TLS Checker - Instant Results | CDN77.com

What we do not support is Windows Server 2012 R2. General support for this version expired in 2018, so you’ll want to find a currently supported version in order to get your connection functioning.

1 Like

Why would you limit yourself to the latest TLS ciphers only?

Why do you care what operating system your clients use? As long as they are TLS 1.2 compliant.

According to Microsoft the Windows Server 2012 R2 support ends on 10/10/2023.

The fact Microsoft doesn’t support the strongest cipher suites in TLS 1.2 shows that Windows Server 2012 R2 is not as secure as it could be, and that there are no plans from Microsoft to be increasing the security during the extended support period. Why they don’t support these ciphers for TLS 1.2 or 1.3 is more of a Microsoft question.

General support ended in 2018 for this OS; extended support exists to allow Microsoft customers some time to upgrade to a newer version of their software.

For us, its all about maintaining an incredibly high-level of security across the board for our entire platform; this means not allowing any cipher suites that are considered weak, and potentially leave our infrastructure vulnerable.

Our recommendation is to either contact Microsoft to see if they can provide support for the stronger TLS 1.2 cipher suites or upgrade to Windows Server 2016 or later.

It is funny how the Windows Server 2012R2 TLS1.2 ciphers are secure enough for online banking at major banks, many other brokerages and endless HTTPS websites, including your own, but not good enough for your new websocket quote server that distributes “highly sensitive” real time quotes and therefore requires the latest and most secure ciphers 
None of the workarounds I found online work. The only option seems to upgrade to 2019 but i’m not ready to upgrade my servers yet - way too much hassle. Will keep using polygon for now.

Cannot connect to data streaming. Get error unauthorized.