I have been provided with a wcf service url, private and public certificate to consume it.
My url is https:/xxxx.com/xxxx/xxxx.svc
my private certificate is xxx.pfx
my public certificate is xxxx.cer
When I try to add service reference from my client application it throws the following error.
There was an error downloading
'https://xxxx.com/xxxx/xxxx.svc'.
The underlying connection was closed:
An unexpected error occurred on a receive.
Unable to read data from the transport connection:
An existing connection was forcibly closed by the remote host.
An existing connection was forcibly closed by the remote host
Metadata contains a reference that cannot be resolved:
'https://xxxx.com/xxxx/xxxx.svc'.
An error occurred while receiving the HTTP response to
https://xxxx.com/xxxx/xxxx.svc.
This could be due to the service endpoint binding not using the HTTP protocol.
This could also be due to an HTTP request context being aborted by the server
(possibly due to the service shutting down).
See server logs for more details.
The underlying connection was closed: An unexpected error occurred on a receive.
Unable to read data from the transport connection:
An existing connection was forcibly closed by the remote host.
An existing connection was forcibly closed by the remote host
If the service is defined in the current solution,
try building the solution and adding the service reference again.
I have the certificates installed under personal, trusted people, trusted publishers folder. I don't have access to the server to check the server configuration. But I have been told that this is working for different client. I am sure I am messing the installation of certificates. It would be great if someone can point me into the right direction.
Thanks,
Esen
You got to enable tracing to see whats going on at the server. The error message you posted is more generic.
http://msdn.microsoft.com/en-us/library/ff648360.aspx
http://msdn.microsoft.com/en-us/library/ms733025.aspx
First just try to remove service reference from the project, remove system.ServiceModel section from web.config and add service reference again. This will force VS to completly rebuild system.ServiceModel section. If this does not help additional wcf client configuration is required.
Here is great sample how to properly configure wcf client to use certificate:
http://www.codeproject.com/Articles/28248/Securing-WCF-Services-with-Certificates
If you are still experiencing problems after this you could be missing some custom endpointBehavior. In this case you should contact wcf service provider.
Related
We have a issues with our bot
It was working fine during the last 4 months without any errors.
But today we receive the relevant error :
2018-12-17T17:50:25 PID[5736] Error
Error refreshing OpenId configuration: System.InvalidOperationException:
IDX20803: Unable to obtain configuration from: '[PII is hidden]'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'.
---> System.Net.Http.HttpRequestException: An error occurred while sending the request.
---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
The complete log file was shown at this link : https://pastebin.com/ZLx9G9W7
I think it's a exception due too IIS configuration but we have not changed anything on that.
Thanks you in advance.
Okay I have had a phone call with an engineer from Microsoft. They told me BotFramework doesn't support TLS 1.0 anymore and we have to migrate to version 1.2. They have anounced this in a blog post: https://blog.botframework.com/2018/11/06/announcement-azure-bot-service-enforcing-transport-layer-security-tls-1-2/
My bot was fixed by adding this line in the startup code (in my case it was Application_Start in Global.asax.cs):
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
I know this post is quite old, but I just ran into this exact error message yesterday with an Azure App Service (Bot Framework v4.15):
Exception: System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://login.botframework.com/v1/.well-known/openidconfiguration'.
The issue was that the App Service had lost the ability to resolve DNS. This was confirmed by opening the Kudu Debug Console and running:
nameresolver.exe login.botframework.com (and any other hostname)
Unfortunately, this was a temporary outage of some sort on Microsoft's end (currently being investigated with MS support). I had to deploy a separate plan and App Service in order to restore service. Frustratingly, the broken App Service started magically working again the next morning.
I have trubble enable https for a simple webservice project. The service i starting but I canĀ“t browse it at all? Its like it is not really published? If I switch to regular http it works fine.
Finddler respondes with this :
fiddler.network.https> HTTPS handshake to localhost failed.
System.IO.IOException Unable to read data from the transport
connection: An existing connection was forcibly closed by the remote
host. < An existing connection was forcibly closed by the remote host
The WCF log says nothing more then that the service is started.
Here is a test projekt : https://onedrive.live.com/redir?resid=DE992A2C8B8C2EC9!7740&authkey=!APkS4Y9ODK-Y-Lk&ithint=file%2czip
You should be able to switch the certificate against any one you already have.
Edit : The certificate Im using are a selfsigned for testing but that should not matter.
I hade to bind the port to the certificate like in this article : https://msdn.microsoft.com/en-us/library/ms733791(v=vs.110).aspx
I have a really strange issue when Visual Studio resolves the server SSL certificate.
The API I am using requires me to send a certificate along with the request to 'verify who I am'. Initially I referred to this certificate within my UnitTest using X509Certificate2 and then importing it as a byte[]. What I didn't want to do, is have this laying around in my code referring to a specific location on my local disk (I want to run the unit tests automatically on my build server) so opted to install the certificate within the certificate store (which I could later install on the build server). And when I tested this Uri within the browser (IE) it asked for the certificate I wanted to use and rather stupidly I clicked OK without really reading what it was asking me to do.
Problem is, since doing this I am unable to run my unit test (I am making an HttpWebRequest) - as soon as it hits the following line it throws a WebException.
using (var response = request.GetResponse())
{
// Removed content ...
}
The exception response is null , here is the exception
System.Net.WebException: The underlying connection was closed: An
unexpected error occurred on a receive. ---> System.IO.IOException:
Unable to read data from the transport connection: An existing
connection was forcibly closed by the remote host. --->
System.Net.Sockets.SocketException: An existing connection was
forcibly closed by the remote host
The only reason I can see for this error is that Visual Studio is using the wrong SSL certificate for the server connection (as I am using the test API Uri, I can verify this is sort of the case by using the live API Uri which works fine)
I have tried the following:
Removing the certificate from the store
Adding the certificate back to the store
Clearing all browser cache
Restoring IE back to 'factory settings'
Clearing the SSL cache within IE
Tried setting Keepalive to true and then false
This issue was affecting all browsers but I have managed to get it working. I have tried to use Fiddler to identify if the server is doing something crazy (including decrypting SSL connections) and I can see this is actually responding with a 403 error.
Has anyone else got any ideas?
Edit
Just tried to run this on the build server, still get the same error so I will check with the API provider to see if a/ my certificate has expired b/ their service is actually up!
System.Net.WebException: The underlying connection was closed: An
unexpected error occurred on a receive. ---> System.IO.IOException:
Unable to read data from the transport connection: An existing
connection was forcibly closed by the remote host. --->
System.Net.Sockets.SocketException: An existing connection was
forcibly closed by the remote host
Issue was with the API provider.
I am trying to run/debug locally my cloud project, but service bus connection keeps crashing with error:
<15:46:59> MessagingFactory successfully created
<15:47:39> Exception: The underlying connection was closed: An unexpected error occurred on a send..
....
System.IO.IOException: Unable to read data from the transport connection:
An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
--- End of inner exception stack trace ---
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)}
Also I receive this error when using Service Bus Explorer tool.
When deploy to cloud everything works ok, service bus connection is ok.
Can anyone help me with this? what could be the reason?
Thank you in advance!
Maybe the problem is with the SSL certificate validation protocol. Try this to force the latest protocol type.
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
There are several reason leading to such error so you may check the following
You have configured the settings correctly.
Firewall in your system allows the connection (protocol, host & port)
DNS servers configured in your network are able to resolve the host.
Your ISP is not blocking your connection due to any reason
Since there is no fixed solution for your error, you may have to work a little hard to figure out the actual issue. You may also find some useful information from the log files if enabled.
I have successfully created my service, I have modified it ever so slightly so that it does a little more than the bog standard "Hello World".
The service compiles and runs and give me the following address to add into my client application:
127.0.0.1:81/Appointments.svc
When I follow the next tutorial in the series: https://azure.microsoft.com/en-us/documentation/articles/cloud-services-configure-ssl-certificate/
During step 5, when I add the reference to the service, it gives me the following error message:
An error (Details below) occurred while attempting to find services at '127.0.0.1:81/Appointments.svc'
Metadata contains a reference that cannot be resolved: '127.0.0.1:81/Appointments.svc?wsdl'.
The WSDL document contains links that could not be resolved.
There was an error downloading '127.0.0.1:81/Appointments.svc?xsd=xsd0'.
The underlying connection was closed: The connection was closed unexpectedly.
Metadata contains a reference that cannot be resolved: '127.0.0.1:81/Appointments.svc'.
Content Type application/soap+xml; charset=utf-8 was not supported by service 127.0.0.1:81/Appointments.svc. The client and service bindings may be mismatched.
The remote server returned an error: (415) Cannot process the message because the content type 'application/soap+xml; charset=utf-8' was not the expected type 'text/xml; charset=utf-8'..
If the service is defined in the current solution, try building the solution and adding the service reference again.
I guess it might be some permission issues. Can you try to grant permissions on C:\Windows\Temp and see if that resolves your problem. The account that is associated with your apppool under which the service is running needs to have permissions on this folder.