Cannot perform Win10 ESU Offline Activation using Proxy Scenario 2 activation

Question

Cannot perform Win10 ESU Offline Activation using Proxy Scenario 2 activation

J Bates 0

I am unable to perform an offline bulk activation of Windows 10 ESU licenses using the Proxy Scenario 2 activation method. When I use VAMT on my Internet facing server VAMT states "Successfully acquired confirmation IDs for 0 out of xxxx products. (The action was not applicable for 0 products in the file)."

I verified several times I performed the setup/configuration steps properly in the Proxy Scenario 2 above. When I investigate further and view the Volume Activation Management Tool log I receive the following error message:

Error while acquiring CIDs: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm

at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)

at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)

at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, X509Certificate2 selectedCert, Flags flags)

at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)

at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)

at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)

at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest, Boolean renegotiation)

at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)

at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)

at System.Net.TlsStream.CallProcessAuthentication(Object state)

at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)

at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)

at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)

at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)

at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)

at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)

at System.Net.ConnectStream.WriteHeaders(Boolean async)

--- End of inner exception stack trace ---

at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)

at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)

at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)

at Microsoft.Net.SoapHttpClientProtocol.<>c__DisplayClass9.<InvokeFollowRedirect>b__7()

at Microsoft.Net.ErrorProtocol.ErrorProtocolInstance.PerformProtocolInnerTResult

at Microsoft.Net.ErrorProtocol.ErrorProtocolInstance.PerformProtocolTResult

at Microsoft.Net.ErrorProtocol.PerformProtocolTResult

at Microsoft.Net.SoapHttpClientProtocol.InvokeFollowRedirect(String methodName, Int32 redirectCount, Object[] parameters)

at Microsoft.Licensing.VolumeActivation.ClientProxy.GetCapabilities()

at Microsoft.Licensing.VolumeActivation.ActivationService.GetCapabilities()

at Microsoft.Licensing.VolumeActivation.AcquireConfirmationIdWorker.AcquireConfirmationId(Collection`1 products)

Please assist in resolving this issue.

3 answers

Your answer

Answer 1

Hi J Bates,
Based on the error message “client and server cannot communicate, because they do not possess a common algorithm,” this issue usually occurs when your VAMT server does not have TLS 1.2 enabled, or there is a mismatch in cipher suites.

To resolve this, please follow these steps:

Enable TLS 1.2 in the registry: Open regedit and add/modify the following keys:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]

"DisabledByDefault"=dword:00000000

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]

"DisabledByDefault"=dword:00000000

"Enabled"=dword:00000001

( Please back up your registry before making any changes ).

Update .NET Framework to the latest version:

VAMT relies on .NET for secure communication.
Make sure the latest updates are installed from Microsoft .NET download.

Restart the server after applying the registry changes and .NET updates.

4. Retry acquiring Confirmation IDs using VAMT. Once everything is configured correctly, communication with the Microsoft activation service should succeed, and offline bulk activation will complete successfully.

If it’s solved, kindly click “Accept Answer”, it helps others in the community as well 😊

Answer 2

J Bates 0

I have verified the TLS 1.2\Server and Client is enabled and the server has the latest .NET. The same error message is still recieved.

Answer 3

J Bates 0

I was able to resolve this issue with the following:

Enable TLS 1.2 for .NET 4.x

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001

Hailey Huong Bui 680 Reputation points Independent Advisor

2025-11-07T05:16:40.1+00:00

Dear J Bates

If it’s solved the problem. Kindly click “Accept Answer” because it will help others in the community as well

Thank you.
J Bates 0 Reputation points

2025-11-07T13:01:41.7666667+00:00

Hailey,

Your solution did not resolve the problem.

Share via

Cannot perform Win10 ESU Offline Activation using Proxy Scenario 2 activation

3 answers

Your answer