I recently had a problem on an Office Web App Server (Windows Server 2012 R2). To show a document in Web View, it had to fetch it from another server via HTTPS. This failed.
The ULS log showed:
"The request was aborted: Could not create SSL/TLS secure channel"
When I used Internet Explorer from the Office Web App Server, I could connect to the other server via HTTPS no problem. So the certificate was not the problem, it was trusted on the Office Web App Server.
After hours of searching, I found that IIS (and with that .NET and also Powershell) uses different TLS settings than Internet Explorer.
I tried the PowerShell command
Invoke-WebRequest 'https://myserver.example.com'
and got the same error message. When I typed
[System.Net.ServicePointManager]::SecurityProtocol
I got this:
Ssl3, Tls
As these are outdated and vulnerable protocols, you have to enable those and add TLS 1.1 and 1.2
The easiest is to add the following Registry setting:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
SchUseStrongCrypto = 1 (Type = DWord)
If you start a new PowerShell session and use the command from above, you will see the new protocols:
Tls, Tls11, Tls12
I restarted IIS, and now Office Web App could access the other server via HTTPS.