My servers has been recently upgraded to support TLS 1.2 and rest other (TLS 1.0 and TLS 1.1.) has been disabled. Now when I tries to generate the reference it gives me following exception:
service Url = https://server-name/service.asmx
Error: Cannot obtain Metadata from "service url" If this is a Windows (R) Communication Foundation service to which you have access, please check that you have enabled metadata publishing at the specified address. For help enabling metadata publishing, please refer to the MSDN documentation at http://go.microsoft.com/fwlink/?LinkId=65455.WS-Metadata Exchange Error URI: "service url" Metadata contains a reference that cannot be resolved: "service url". An error occurred while making the HTTP request to "service url" This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. The underlying connection was closed: An unexpected error occurred on a send. Received an unexpected EOF or 0 bytes from the transport stream. HTTP GET Error URI: "service url" There was an error downloading "service url". The underlying connection was closed: An unexpected error occurred on a send. Received an unexpected EOF or 0 bytes from the transport stream.
I tried the solution at following link but didn't worked for me, Kindly help.
support.microsoft.com/kb/888528
We recently ran into this exact issue, after PCI compliance forced us to blanket-disable SSL3 and TLS 1.0. Ultimately, the best solution we found was the same one that client apps are using to allow connectivity to web services on .NET 4.5+; namely, adding some code to adjust that setting for Visual Studio at runtime. In the most basic form, that looks like this:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;
We did this via a VS package with a simple configuration UI, which is available in the visual studio gallery, if you want a drop-in solution:
https://visualstudiogallery.msdn.microsoft.com/63750942-1ebe-45dd-bade-552dd850873e
If you'd rather handle it yourself, all you need to do is create a VSIX package or an Add-In (both of which require the visual studio sdk).
Good luck!
I faced the same issue also, i was not able to add service reference in visual studio.
But after installing the Add-In and enabling the TLS1.2 in visual studio, I was able to update the service reference.
Tools -> Security Protocol Manager 2013
https://visualstudiogallery.msdn.microsoft.com/63750942-1ebe-45dd-bade-552dd850873e
I was getting error:
The request was aborted: Could not create SSL/TLS secure channel.
Metadata contains a reference that cannot be resolved:
An error occurred while making the HTTP request to https://...Service.svc.
This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.
The underlying connection was closed: An unexpected error occurred on a send.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
Related
I have a Blazor Server Application that is invoking a 3rd party API using IHttpClientFactory. When I execute the calling code on my local Windows 11 machine I receive the exception below. However, If I run the same code from an Azure Web App, the API is called successfully.
Error: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
System.Security.Authentication.AuthenticationException: Authentication failed because the remote party sent a TLS alert: '112'.
I have attempted setting the Security protocol to TLS1.2 using the ServicePointManager, however, this does not make a difference. I have run Wireshark to glean some additional information, but all I can see is that my machine is initiating the call with TLS 1.2.
Does anyone have an idea as to why my code works in Azure, but not in my local development environment?
According to the behavior in azure web app, I think the issue should related to environment.
And if you have another os version pc, you can test it, and it should be work normally.
And I found the workaround in win11. You can add the registry key and removed the code to set the protocol to TLS1.2, and the TLS handshake worked from your Windows 11 system.
I get the following error message when I try to send message to Microsoft Message Queue to server on the local network from BizTalk 2016 using the MSMQ adapter:
Could not load file or assembly
Microsoft.BizTalk.Adapter.MSMQ.MsmqLargeMessageWrapper.dll or one of
its dependencies. The specified module could not be found.
BizTalk, BizTalk Adapter Packs and BizTalk Enterprise Adapters are installed, and I am able to configure send and receive handlers and the send port itself.
Are there any pre-requisities I need to install?
Not very often you google and find four irrelevant answers...so what am I not getting?
Ok, got it. I was unlucky while I was thinking... ;|
MSMQ Adapter is built to call Windows Message Queuing queue on a Windows Server. If you call a remote queue, you need to activate Microsoft Messaging feature on the local server too - otherwise you end up with a simlar error message like above. It will forward the queue processing to the remote server.
I have disabled TLS 1.0 and TLS 1.1. in Identity Server (v4 running in a Service Fabric Cluster using WebHostBuilder, targeting .NET 4.6.2 using a self-signed cert). I have added the following in Startup.cs:
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
And I receive the following error:
System.InvalidOperationException: IDX10803: Unable to create to obtain
configuration from: 'https://services.mytest.com:8443/oauth/.well-
known/openid-configuration'. ---> System.IO.IOException: Unable to get
document from: https://services.mytest.com:8443/oauth/.well-
known/openid-configuration ---> System.Net.Http.HttpRequestException: An
error occurred while sending the request. ---> System.Net.WebException: The
underlying connection was closed: An unexpected error occurred on a receive.
---> System.ComponentModel.Win32Exception: The client and server cannot
communicate, because they do not possess a common algorithm
I've looked at the questions here:
IDX10803: Unable to create to obtain configuration
Unable to obtain configuration from well-known/openid-configuration
I've tried the suggestions (including adding the cert to trusted root)
I don't know much about that particular piece of software but the problem here is not that the certificate is not trusted (according to the error message) but your server and client try to negotiate during TLS handshake which protocol version, cryptographic ciphers and keyexchange mechanism should be used. It would seem that the client and server have now become incompatible. Either change the client or the server.
See also for an related and post with a possible solution:
The client and server cannot communicate, because they do not possess a common algorithm
We are having Tridion 2011 SP1 environment up and running with one CMS server and one CDS server. Today we installated new CMS server and pointed it to existing SQL Server database. We used same MTSUser, same database credentials. Installation went smooth, but when we try to access CMS server we are getting 9 error as below.
1) The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
2) Loading list of languages failed.
at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
3) Loading list of locales failed.
at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
How to troubleshoot ?
We are able to access SQL Server database using ODBC.
Use a tool like Fiddler to watch HTTP traffic when you load the Tridion GUI, and find the requests that are failing.
From here you could use WCFTestClient to get more specific details on the errors and the available bindings.
My guess is IIS Configuration.
I would like to suggest you to think a bit out of box. As errors are more specific to WCF service. so configure tracing and see what things are going wrong with the webservice.
This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). After all I will again recommend you to see server logs for more details. I or someone else can better help you , if you can share logs here.
Is the Tcm Service Host (windows service) running?
I am working on integration solution with a payment gateway, we are using SSL3 with digital certificates to secure connection between us, I already reached their services and successfully sent request and received the response.
The problem is when they trying to consume our HTTPs services which hosted on IIS 7 on our Windows 2008 R2 server, they got below error:
**java.io.IOException: java.net.SocketException: Connection reset**
I tried to catch any errors from my-side, so I found this error in "Event Viewer\Windows Logs\System"
**The following fatal alert was generated: 51. The internal error state is 1306**
I think the request is not reached to the service; its dropped some where before the IIS.
Thanks in advance,
Error 51 means there is a problem in the TLS, so please enable TLS 1.0 on the registry and increase logging of the SChannel (to get information, warnings and errors about the connection)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
"EventLogging"=dword:00000007
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:ffffffff
http://support.microsoft.com/kb/260729