SSL connection could not be established on android prior 9 - c#

Here is my scenario:
ASP.NET Core API server on azure using https
MAUI app, the android apk supporting from android 5.0+
installed on various devices:
huawei with android 10 on two devices: works perfectly
pixel 2 with android 11: works perfectly
pixel 4 with android 13: works perfectly
nokia with android 11: works perfectly
some old android 5.1 and other android 10 does not work
emulator with android 7 or 8: doesn't work
So same build, works on most of the devices, doesn't work on others.
Exception I get on android 5.1 is:
The ssl connection could not be established. See inner exception.
And in the inner exception I get:
System.PlatformNotSupportedExcetpion: Setting an SNI hostname is not supported on this API level.
I assume that this may be because android 5 is really old. However, I managed to get another inner exception when running on android 7 and 8 emulators.
The ssl connection could not be established. See inner exception.
However the inner exception is different:
System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception --> Interop.AndroidCrypto+SslExcetion: Exception of type 'Interop+AndroidCrypto+SslException was thrown -- End o inner exception stack trace at System.Net.Security.SslStream.
The code that makes the call is simple:
var httpClient = new HttpClient();
var responseFromServer = await httpClient.PostAsync(url, stringContent)
Any idea how to fix this? Maybe some backward compatibility settings on the server side? Something in android app?

Related

Azure Cognitive Speech TTS API does not work on Windows 8, 8.1, Server 2012, Server 2012R2 since 2022-01

I found an issue of Azure Cognitive Speech TTS Service;
Azure Cognitive Speech TTS API does not work on Windows 8,/8.1/Server 2012/Server2012R2 since 2022-01.
I made a program with Microsoft Cognitive Services Speech SDK and it worked well on Windows 8/8.1/Server2012/Server2012R2 as well as Windows 10/Server 2019.
I confirmed that there were logs that it has worked correctly until 2021-11-30 at least.
However, it does not work today.
So, I made a simple sample with Microsoft.CognitiveServices.Speech.csharp nuget package.
My sample code is as the following;
public static async Task SynthesisToAudioFileAsync(string text, string outputFileName)
{
var config = SpeechConfig.FromSubscription("xxxxx", "westus2");
config.SpeechSynthesisLanguage = "ko-KR";
config.SetSpeechSynthesisOutputFormat(SpeechSynthesisOutputFormat.Audio24Khz48KBitRateMonoMp3);
config.SpeechSynthesisVoiceName = "ko-KR-SunHiNeural";
using (var fileOutput = AudioConfig.FromWavFileOutput(outputFileName))
{
using (var synthesizer = new SpeechSynthesizer(config, fileOutput))
{
var result = await synthesizer.SpeakTextAsync(text);
if (result.Reason == ResultReason.SynthesizingAudioCompleted)
{
Console.WriteLine($"Speech synthesized to [{outputFileName}]");
}
else if (result.Reason == ResultReason.Canceled)
{
var cancellation = SpeechSynthesisCancellationDetails.FromResult(result);
Console.WriteLine($"CANCELED: Reason={cancellation.Reason}");
if (cancellation.Reason == CancellationReason.Error)
{
Console.WriteLine($"CANCELED: ErrorCode={cancellation.ErrorCode}");
Console.WriteLine($"CANCELED: ErrorDetails=[{cancellation.ErrorDetails}]");
Console.WriteLine($"CANCELED: Did you update the subscription info?");
}
}
else
{
Console.Write(result.Reason.ToString());
}
}
}
}
It works well on Windows 10/Server2019 with no error.
However, it does not work on Windows 8,/8.1/Server 2012/Server2012R2.
Of course, I executed windows update fully.
The error message is as the following;
CANCELED: Reason=Error
CANCELED: ErrorCode=ConnectionFailure
CANCELED: ErrorDetails=[Connection failed (no connection to the remote host). In
ternal error: 11. Error details: Code: 0. USP state: 2. Received audio size: 0 b
ytes.]
CANCELED: Did you update the subscription info?
I suspect that it may be TLS 1.2 issue and tried as the followings;
I changed Microsoft.CognitiveServices.Speech.csharp nuget package to several versions - 1.14, 1.13 and 1.19(latest version) but it did not work.
I tried to enable TLS 1.2 on Windows 8.1/Server2012 according to many google search results;
https://github.com/MicrosoftDocs/memdocs/blob/main/memdocs/configmgr/core/plan-design/security/includes/update-net-framework-to-support-tls-1-2.md
https://hide.me/en/knowledgebase/how-to-enable-tls-1-1-tls-1-2-in-windows-7-and-8/
https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client
and other many postings.
But, it did not work.
I downloaded Cognitive-Speech-TTS sample (Cognitive-Speech-TTS-master.zip) and run C# sample in Old folder.
https://github.com/Azure-Samples/Cognitive-Speech-TTS
It does not use Azure SDK and implements https rest API in low level. So I can review and change codes.
It also worked on Windows 10 but did not work on Windows 81./Server2012 as the following error message;
Starting TTSSample request code execution.
Unhandled Exception: System.AggregateException: One or more errors occurred. --->
System.Net.Http.HttpRequestException: An error occurred while sending the request. --->
System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
I confirmed that token API (https://westus2.api.cognitive.microsoft.com/sts/v1.0/issueToken) was called well but speak API (https://westus2.tts.speech.microsoft.com/cognitiveservices/v1) was not called with error message.
According to error message, it seems to TLS 1.2 issue.
So, I added to the following line;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;
The error message became changed as the following on Windows 10 as well as Windows 8.1/Server2012
Starting Authtentication
Unhandled Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. --->
System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host --->
System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
It was expected behavior because I forced TLS 1.1.
However, the error occurred in authentication step, contrary to above result - above test passed authentication.
So, TLS 1.2 may be enabled on my Windows 81./server2012 because token Uri may require TLS 1.2 according to above testing result.
I tired with speech recognition C# sample in cognitive-services-speech-sdk-master.
https://github.com/Azure-Samples/cognitive-services-speech-sdk
It worked well Windows 81./Server2012 as well as Windows 10.
MS doc said that Azure Cognitive Service requires TLS 1.2.
If TLS 1.2 is not available on my Windows 8.1/Server2012, all Azure Cognitive Service API must fail.
However, only TTS API fails.
Beside, it has worked until 2021-11 at least.
I've tried almost everything I could, but failed.
Finally I suspect that there may be some changes in Azure Cognitive TTS system at the end of 2021 and it may make the issue related to TLS connection from Windows 8/8.1/Server2012/Server2012R2.
In fact, the issue was reported on my customer's machines and upgrading Windows OS to Windows10/Server2019 is not an option because of many reasons.
So, I have to find a workaround on Windows 8/8.1/Server2012/Server2012R2.
Could you please let me know how I can solve the issue?
Best regards.
P.S.
I captured network packets of Cognitive-Speech-TTS C# sample using WireShark and confirmed that TLS 1.2 was used.
First handshaking to retrieve token(westus2.api.cognitive.microsoft.com - 20.51.8.244) succeeded but second handshaking to Azure Cognitive TTS Service(westus2.tts.speech.microsoft.com - 20.51.12.193) failed with the following message;
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure).
I tested on Windows 10 and all TLS 1.2 handshaking succeeded with same test console program.
I added the following code to ignore certificate validation but it did not work;
ServicePointManager.ServerCertificateValidationCallback += (object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors) =>
{
return true;
};
I found actual reason.
It was TLS cipher suite issue of Azure TTS Service API Server.
I executed sslscan to westus2.tts.speech.microsoft.com and the result was as the following;
westus2.tts.speech.microsoft.com
Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305 Curve 25519 DHE 253
I compared packet capturing result of WireShark between Windows 8.1 and Windows 10.
The result of Windows 10 has ECDHE-RSA-AES128-GCM-SHA256 and ECDHE-RSA-AES256-GCM-SHA384 but the result of Windows 8.1 does not.
So, Azure TTS API cannot work on Windows8/8.1/Server2012/Server2012R2 and it must be fixed by MS.

Xamarin.Droid HttpRequestException

I am new to Xamarin Forms. I am building an app which consumes a web service. I am getting HttpRequestException while trying to connect to server. The InnerException throws System.Net.WebException: Error: NameResolutionFailure at System.Net.HttpWebRequest.EndGetResponse (System.IAsyncResult asyncResult).
The code that crash is:
public async Task<IEnumerable<Bono>> GetAll()
{
var Url = Constants.baseUrl + "cliente/1/bonos";
HttpClient cliente = new HttpClient();
var bonos = await cliente.GetStringAsync(Url);
return JsonConvert.DeserializeObject<List<Bono>>(bonos);
}
I am using VS for Mac. The same works for Xamarin.iOS. Any suggestion on this?
If the endpoint that you are trying to consume is hosted on your local machine and you are running the application in the local android emulator, you could use the following IP address to reach the host machine from the emulator:
http://10.0.2.2
Of course this will break iOS but it's the IP that can be used from an android emulator to access the host. As an alternative you could use ngrok which can create a publicly accessible tunnel to an endpoint hosted on your local machine and then access the public endpoint from the android application. It could be helpful during development if you want to avoid hosting your endpoint to a network location that can be accessed from the emulator.

Azure MobileApp Client SDK crashes on Xamarin.Forms (Android)

The reproduce the error, I've created a blank mobile app and a new sql database.
Afterwards I've followed the quickstart guide and downloaded the backend and the Xamarin.Forms project.
I've deployed the Web-App to azure and started the Android app using the 5'' KitKat (4.4) XXHDPI Phone (Android 4.4 - API 19) emulator.
As soon as I add an item to the TodoItem - List (you see, it's the default sample app of xamarin mobile apps), the todoTable.InsertAsync call fails.
Unfortunately, there is no detailed error.
It's just a error message telling "An unhandled exception occured".
In the output window, I can see the following error:
03-01 19:48:33.781 I/MonoDroid( 1512): UNHANDLED EXCEPTION:
03-01 19:48:33.793 I/MonoDroid( 1512): Microsoft.WindowsAzure.MobileServices.MobileServiceInvalidOperationException: The request could not be completed. (Internal Server Error)
03-01 19:48:33.793 I/MonoDroid( 1512): at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<ThrowInvalidResponse>d__24.MoveNext () [0x001ec] in <42e24ce875d34485ad11c4f8aebb904a>:0
So I've had a look at the azure mobile app in the azure portal.
Before I've ran the tests, I've enabled almost all the logs.
I can see FREB-Protocols I can see a post request to /tables/TodoItem which failed with http 500. Unfortunately it does not tell my anything about the error itself. Authentification is disabled, so the authentification should not cause any problems.
I've included the whole log here:
https://1drv.ms/b/s!AqCo2Ottp6L6wC7-nOFkDN7cERE6
Does anyone got any idea what could be wrong? Sitting here since far to many hours, guessing what could be wrong.
The Internal Server Error means your service is crashing - that's why it is not producing any logs. You've not shared anything about your backend, but that is where your problem is.
Run the service locally and attach a debugger and step through the backend code. You can find details of running the service locally (attached to a local SQL instance) in the HOWTO documents on learn.microsoft.com.

Issues connecting ibm mq client to a lower version

I am using 7x (7.5 mq client amqmdnet.dll) via .net and using MQPutMessageOptions and MQGetMessageOptions, this code works fine with mq 7.5 ibm client, however
IBM link
says 7x mq client will be backward compatible with 6x, when i try to connect, i get this error (am in a windows 7 64-bit OS).
System.TypeInitializationException: The type initializer for 'IBM.WMQ.MQQueueManager' threw an exception. ---> System.TypeInitializationException: The type initializer for 'IBM.WMQ.CommonServices' threw an exception. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at IBM.WMQ.CommonServices..cctor()
--- End of inner exception stack trace ---
at IBM.WMQ.CommonServices.TraceEnabled()
at IBM.WMQ.MQBase..ctor()
at IBM.WMQ.Nmqi.NmqiEnvironment..ctor(NmqiPropertyHandler nmqiPropertyHandler)
at IBM.WMQ.Nmqi.NmqiFactory.GetInstance(NmqiPropertyHandler properties)
at IBM.WMQ.MQQueueManager..cctor()
The line that throws the above error is :
MQQueueManager mqQMgr = new MQQueueManager("My queue manager" , "my channel name" ,"my connection name");
PS: the above line with the same params work fine in 7.5 mq client , but fails when a 6x (for ex: 6.0.2.5 mq client is installed, i have done 'typical' installation (full installation of 6x mq client).
Any idea how to make it work with 6.0.2.5?
Yes, that link is correct. What the link is saying if you have MQ v7.5 client installed, you will be able to work with MQ v6.0 queue manager running on a remote machine. But what you are trying appears to be different. You appear to have compiled the application with MQ v7.5 client but trying to run it on MQ v6.0.x client. This will not work.

Getting ServiceStack RedisStackOverflow example to work

Hi I am new to ServiceStack+Redis. Now I am looking at RedisStackOverflow example that comes with ServiceStack.
I get an error when I try to run it:
SocketException - An operation was attempted on something that is not
a socket.
Call stack location: ServiceStack.Redis.PooledRedisclientManager.Finalize() Line 324
The web page shows up but with no data. I also have Redis as Windows Services 2.4.6 32bit installed and verified it is working with the Redis Client.
I am running on a vista 32bit box, iis7 vs2010:
Sorry about the picture size, please zoom in to see the exception details.

Categories