I wrote an ASP.NET Core 3.1 MVC web application. It's an front end calling a Web API back end.
The application works perfectly on development and Staging.
I can't make it work on Production: the Web API seems ok, I can call it from the browser or Postman.
But I can't reach it from my web app. This is the error from the log when it tries to make a call:
info: System.Net.Http.HttpClient.IApiClient.ClientHandler[100]
Sending HTTP request GET https://webapi.****.it/inetApi/api/links
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
--- End of inner exception stack trace ---
Staging and Production are both Windows server 2019 machines with IIS10 web server.
Staging has a single website where both the Web API and the web app run as applications:
Web-t.****.it/inetApi
Web-t.****.it/inetW
Production VM has two website, one is supposed to be for internal web apps and the other for APIs:
webapi.****.it/inetApi
intranet.****.it/inetW
We made this VM from the scratch, it's new, there aren't any other application or websites on it.
I already tried to move the Web API application into the same website of the web app to see if that could be the problem, but it doesn't.
I tried to force the web app to use TLS as security protocol using this in my startup.cs:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
But it only change the error:
info: System.Net.Http.HttpClient.IApiClient.ClientHandler[100]
Sending HTTP request GET https://webapi.****.it/inetApi/api/links
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
System.Net.Http.HttpRequestException: An error occurred while sending the request.
System.Net.Http.WinHttpException (80072EFF, 12030): Error 12030 calling WINHTTP_CALLBACK_STATUS_REQUEST_ERROR, 'The connection with the server was terminated abnormally'.
at System.Threading.Tasks.RendezvousAwaitable`1.GetResult()
at System.Net.Http.WinHttpHandler.StartRequestAsync(WinHttpRequestState state)
--- End of inner exception stack trace ---
So I tried to call the production Web API from the web app on staging or development, and it works.
Then I tried to use the web app on Production with the staging Web API... and it works too!
This is driving me nuts.
It's like everything in production is working individually, but not together.
I have grants to do everything I need on the VMs... but I'm a developer (and not very good at dealing with systems), and I can't ask much help to the sysadmins because they are overwhelmed in this period.
Any ideas?
According to the Transport security Best practice, as much as possible not to specify the SSL version during the establishment of SSL connection. Just let the OS decide on the SSL protocol version.
https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls
There might be something wrong with the validation process of the SSL certificate installed on the server-side. As you know, SSL communication requires the trust relationship between the client-side and the server-side, therefore I would like to know how you specify the certificate for your WebAPI project. have you established the trust relationship between the client-side and the server-side? namely, install the service certificate on the client-side. As to explain how it works properly in the development and Staging environment, Http Get request doesn't represent something, please try an Http Post request.
Besides, the SSL protocol requires the DotNet framework/OS support, try to install a high version DotNet framework.
Feel free to let me know if you get something new afterward.
Related
HTTP Error 502.3 - Bad Gateway
There was a connection error while trying to route the request.
Most likely causes:
•The CGI application did not return a valid set of HTTP errors.
•A server acting as a proxy or gateway was unable to process the request due to an error in a parent gateway.
Things you can try:
•Use DebugDiag to troubleshoot the CGI application.
•Determine if a proxy or gateway is responsible for this error.
Detailed Error Information:
Module
AspNetCoreModule
Notification
ExecuteRequestHandler
Handler
aspNetCore
Error Code
0x8007000d
Requested URL
http://localhost:15536/
Physical Path
C:\Users\HenryP\Desktop\NopCommerce_4.2.0\src\Presentation\Nop.Web
Logon Method
Anonymous
Login User
Anonymous
More Information:
This error occurs when a CGI application does not return a valid set of HTTP headers, or when a proxy or gateway was unable to send the request to a parent gateway. You may need to get a network trace or contact the proxy server administrator if it is not a CGI problem.
View more information »
It seems this is not CGI issue. Newest nopCommerce version run on .net core version and require Full Trust. And my experience used Godaddy in the past that they didn't support Full Trust, so you can't install nopCommerce on their platform. You better contact their support team or you can ask this issue on nopCommerce forum. But, it seeems that nopCommerce can't run well on Godaddy platform. If you use nopCommerce, I recommend you can check Asphostportal.
According to your description, this is a generic error for when IIS can't find the specified .NET Core components ,and doesn't know where to forward requests.So i suggest you to check once you select asp.net or asp.net core while creating your site
I followed the tutorial deploy and run Service Stack application on Ubuntu Linux and I got my API quickly up and running. So far it's all plain-text though. I'd like to secure the API with SSL, especially the service receiving username and password, but maybe everything.
I'm using the regular CredentialsAuthProvider together with JwtAuthProvider at the moment, if it's relevant. Using a 3rd party OAuth2/OpenID Connect would solve the login problem, but not securing the remaining contents.
Also wonder how to selectively choose which services require SSL.
The stack is: mono, nginx and HyperFastCGI (and C# ServiceStack)
You'll want to configure SSL on nginx, i.e. your external-facing Web Server. What ASP.NET Web framework you're using is irrelevant as SSL will be terminated at nginx and any downstream Web Applications will still be receiving plain-text requests.
Question:
Are there known issues making calls to a service that calls another service from Silverlight?
Scenario:
I have the following 3 projects:
SilverlightClient - Silverlight project with a Button
SilverlightClient.Web - A web application that hosts the SilverlightClient.xap.
BackEnd - A different web application that hosts the FOO Service which does some special backend processing.
I have created a Silverlight WCF-Enabled web service in both SilverlightClient.Web and Backend. These are respectively SilverlightClientService and BackEndService.
From SilverlightClient.Web I add a service reference to BackEndService. I have a test ASPX page that I've written code that calls BackEndService successfully.
From SilverlightClient I add a service reference to SilverlightClient.Web's SilverlightClientService. If my SilverlightClientService returns plain data, such as a string, it works quite well.
The moment, however, that I change SilverlightClientService to call BackEndService, I get the following exception:
HTTP 415 - "The request failed with HTTP status 415: Unsupported Media Type."
I had an issue with 2 services not communicating. We finally figured out that using Cassini (the built in Visual Studio IIS) to host the ListenerService 'BackEnd' was causing the problem. Switching the project to start in a virtual directory of IIS allowed the two to communicate.
I was seeing : An error occurred while receiving the HTTP response to http://localhost:1484/MainListenerService.cs. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. and this error:
The HTTP request was forbidden with client authentication scheme 'Anonymous'.
Are you using basicHttpBinding? Silverlight only supports basicHttpBinding but the default when you create a WCF service is wsHttpBinding. You should change that on your web.config before adding the reference on your Silverlight project. Check out this video from Tim Heuer: http://silverlight.net/learn/videos/all/how-to-consume-wcf-and-aspnet-web-services-in-silverlight/
I'm having a WCF service deployed on one of my servers, and my Silverlight app on the other server. The problem I'm having is running it in Firefox 3.5. Opening in IE 6/7 works great, but when I open it in Firefox it loads the app, but on calling WCF service i get this:
An error occurred while trying to make a request to URI 'http://10.1.1.20:87/MyService.svc'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent.
(The connection works over VPN so don't worry about the IP address)
I have encountered a similar problem and after a lot of research I found that adding the following line of code into the constructor of my UserControl solved the problem:
bool registerResult = WebRequest.RegisterPrefix("http://", WebRequestCreator.BrowserHttp);
More information about the WebRequest member can be found here.
I have a WCF service deployed on a windows 2003 server. We are using a WPF application to consume this service. The trouble is if we deploy a new version of WCF service or leave the IIS and WPF application idle for sometime and then try to execute a functionality, we are get the following exception:
The content type text/html of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 119 bytes of the response were:'<HEAD><TITLE>500: Server Error [20-0004]</TITLE></HEAD>
<BODY>
<H1>500: Server Error [20-0004]<H1>
</BODY>
</HTML>
Thanks and Regards,
A 500 error usually means there was an unhandled exception in the service. Look in the Windows event logs to see what happened.
It looks like you are creating a proxy / connection to the server, then leaving it open and using this proxy when needed.
There are two problems with this:
The problem you are getting due to timeout in periods of inactivity.
That the connection is maintained when it is not used reduces scalability.
A better way to do it is to create the proxy connection when you require it, then close / dispose of it after it gas been used. Normally I use the using statement for this.
when you get below mentioned error
500: Server Error [20-0004]
This is siteminder Web Agent error, If your website is SSO protected, then it might have Siteminder ISAPI issue with initializing.
Check Event and SSO logs.
Origin Blog