Our WCF client normally invokes a web service. All deployments of the client invoke the same web service. In most deployments it makes the call without any issues, except in one instance it reports the following exception:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
What could be different with this one installation?
We tested the URL that the client uses to make the call to the web service in the browser. The web service returns a response ok in Firefox but not in IE.
Have you seen this article yet? It contains fairly good tips for troubleshooting these issues: http://blogs.msdn.com/b/jpsanders/archive/2009/09/16/troubleshooting-asp-net-the-remote-certificate-is-invalid-according-to-the-validation-procedure.aspx?Redirected=true
For example, you'll need to check that the particular machine has all the root and intermediate certificates properly deployed.
I found the solution - there was a new web service server certificate installed with SHA256 and Windows 2003 Server requires a hotfix to support it:
http://support.microsoft.com/kb/938397
Related
I am trying to publish a bot that I coded in C# through visual studio 2015 on to AWS. I installed the Amazon Cloud SDK and was able to successfully publish the bot to AWS. I updated the bot endpoint with the address it gave (http://benbot-dev.us-west-2.elasticbeanstalk.com/). But when I go to Microsoft Bots site and test the bot connection it says Unable to connect to the remote server. Please help. I am thinking it is the https endpoint issue. But I am not sure how to get an API Gateway endpoint, if I should.
<<<<<<<<<<
500 InternalServerError
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 52.42.245.162:443
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Intercom.DevPortal.Server.Controllers.BotManagerController.<PingV3BotAsync>d__54.MoveNext() in C:\a\1\s\DevPortalLib\Controllers\BotManagerController.cs:line 1420
>>>>>>>>>>>>>>>>
This exception message tells you that within your server code you are trying to reach server at 52.42.245.162, and this server is inaccessible (more specifically, https port 443 is inaccessible). This IP resolves to some AWS host (use nslookup command to find this out, see this answer). You can try to ping this IP, or try to see if port 80 is accessible (both are not from my host). Or you can try to enumerate if any other ports are open on that host (search google/bing for instructions how to do that). If you can't reach that port from your host, Microsoft Bots site can't reach it either. If your service is running on that IP, the most probably cause is that you have to open the port on AWS to be accessible from public internet (search google/bing for aws open port or aws allow ssh)
We are connecting to a specific website using a TLS connection. We are enforcing TLS 1.2 as the only allowed protocol in the client code. In about 99% of all cases connection setup is OK and shows no errors. However from time to time we receive the following exception:
System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The buffers supplied to a function was too small
--- End of inner exception stack trace ---
at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
at Fw.Connections.Ssl.Private.ClientInstance.AuthenticateClientCallback(IAsyncResult result);
We have tested the remote server with SSL labs and we receive an A+ with no failures or problems reported, it's not a server under our control so the remote environment is not very well known.. We have tested the client code on Windows server 2012 (datacenter) and Windows7 clients. Both show the error from time to time. Is this a known bug in the .NET framework?
Before our application is deployed to our production environment, we call a number APIs in lower environments from our .NET web application. Those servers that host the APIs tend not to have certs signed by a trusted Certificate Authority.
I created the following code as a workaround, with a safety to exclude running this code in our production environment:
if (ignoreCertErrors && environmentName.ToLower() != "PROD")
{
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
}
Both ignoreCertErrors and environmentName are parameters provided to the method that contains this logic.
This worked on my local development box (Windows 7) but when I deployed it to Windows 2012 R2 test server, my calls to APIs with certs that aren't trusted still fail with the following errors:
=================================================================
Message: The underlying connection was closed: An unexpected error
occurred on a send. Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResultar)
=================================================================
Message: Unable to read data from the transport connection: An
existing connection was forcibly closed by the remote host. Stack
Trace:
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
=================================================================
Message: An existing connection was forcibly closed by the remote host
Stack Trace:
at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
=================================================================
Do I need change this logic, or do something new to ignore certificate warnings on Windows Server 2012 R2?
I'm going to approach this a different way, I've created a question related to the error messages and ask for suggestions to resolve.
I am trying to run/debug locally my cloud project, but service bus connection keeps crashing with error:
<15:46:59> MessagingFactory successfully created
<15:47:39> Exception: The underlying connection was closed: An unexpected error occurred on a send..
....
System.IO.IOException: Unable to read data from the transport connection:
An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
--- End of inner exception stack trace ---
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)}
Also I receive this error when using Service Bus Explorer tool.
When deploy to cloud everything works ok, service bus connection is ok.
Can anyone help me with this? what could be the reason?
Thank you in advance!
Maybe the problem is with the SSL certificate validation protocol. Try this to force the latest protocol type.
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
There are several reason leading to such error so you may check the following
You have configured the settings correctly.
Firewall in your system allows the connection (protocol, host & port)
DNS servers configured in your network are able to resolve the host.
Your ISP is not blocking your connection due to any reason
Since there is no fixed solution for your error, you may have to work a little hard to figure out the actual issue. You may also find some useful information from the log files if enabled.
Sorry if the Title is a little vague but the truth is I do not understand my problem, I have never come across this before and I havent done anything out of the Ordinary.
Right I have a basic Silverlight 4 Application using the Business Application Template. I have also created a WCF Service Application Project which is used to simply return an Observable collection for some entries in my Database,
I published this to my Local computer which I then referenced in my SL4 app and I get this exception
[System.ServiceModel.CommunicationException: The remote server returned an error: NotFound. ---> System.Net.WebException: The remote server returned an error: NotFound. ---> System.Net.WebException: The remote server returned an error: NotFound.
at System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
at System.Net.Browser.BrowserHttpWebRequest.<>c__DisplayClass5. <EndGetResponse>b__4(Object sendState)
at System.Net.Browser.AsyncHelper.<>c__DisplayClass4.<BeginOnUI>b__0(Object sendState)
--- End of inner exception stack trace ---
at System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state)
at System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest. CompleteGetResponse(IAsyncResult result)
--- End of inner exception stack trace ---
at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
at System.ServiceModel.ClientBase`1.ChannelBase`1.EndInvoke(String methodName, Object[] args, IAsyncResult result)
at RMServiceRIA.rService.Service1Client.Service1ClientChannel.EndgetBuildings(IAsyncResult result)
at RMServiceRIA.rService.Service1Client.RMServiceRIA.rService.IService1.EndgetBuildings(IAsync Result result)
at RMServiceRIA.rService.Service1Client.OnEndgetBuildings(IAsyncResult result)
at System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult result)}
I have got a clientaccess policy and crossdomain policy which for the purpose of testing is set to allow anything access,
Client Access Policy
Cross Domain
any ideas on how to fix this problem, I debugged my WCF Service and it receives the call, the method executed reaches its return statement, yet my SL4 never even receives the result, as soon as my WCF service has the result I get an exception thrown within my SL4 app, to me it just seems that the connection gets closed but I dont know and I have tried to research but where do you start with something you dont fully understand? I found many people with the same sort of error message but WCF is so damn cryptic... I did try and enable the debugging information inside of my webconfig. I have also tried to host the WCF service on my Web server but no luck, I have several WCF Services running on that with a similar set up so I am unsure why this isnt working
Web Config for WCF Service
client config
Thanks for having a look, and if you need any more info just ask I'll be happy to provide you with it,
Your best bet is to turn on WCF Tracing so you can see what is going on.
http://software.intel.com/en-us/blogs/2010/02/03/adventures-with-silverlight-and-wcf-the-remote-server-returned-an-error-notfound/
Most likely there is an issue with serializing something. Not found is just the Silverlight version of a 500 error.