I have a windows service running every 3 minutes. At the start, this service hits a static URL that which returns "success". We are using WebClient.OpenRead(URL) for getting the result.
This is working fine in most machines. In one particular machine I am getting the following exception:
System.Net.WebException: The underlying connection was closed:
Could not establish trust relationship for the SSL/TLS secure channel. --->
System.Security.Authentication.AuthenticationException:
The remote certificate is invalid according to the validation procedure.
I moved this function alone to a separate exe and it was working fine. But when the same runs as a service, I am getting the mentioned exception. Any help would be much appreciated.
Related
I need your expertise on one of my issues. I often get an intermittent issue from our Power BI on-premises Gateway to SQL connectivity
Error from gateway log
Error: A connection was successfully established with the server, but
then an error occurred during the pre-login handshake. (provider: SSL
Provider, error: 0 - The wait operation timed out.)
The difficult part here is it's very difficult to reproduce ☹️ Whenever I tried the connectivity from the gateway to SQL server, it succeeds but at some very rare case, it fails.
Steps we did to find the root cause
Checked in both the gateway server and SQL server TLS 1.2 only is
enabled, other versions of TLS are disabled
created a .udl file and tried the connectivity but got the error like
[DBNETLIB] ConnectionOpen( SECCreateCredentials().] SSL Security
error.
Finally, we contacted our internal support team, they told to run the network tracer. So we did.
After some long times, we had the luck to capture the error in the network tracer. (Below Image)
Support team told like:
We see that client (gateway server) is sending Client hello after 14 seconds for the TLS SSL handshake, this delay is causing the connection to fail as connection needs to get established in 15 seconds.
We see the same pattern, where the client is causing delay on multiple instances of the communication.
And such delay is generally caused by the Antivirus
My question:
Is this really the Antivirus issue? If so then why it's not happening
all the times?
P.S I know this question is already asked in SO and possible for duplicate, but my real question is this antivirus would be a possible cause for this?
The issue is finally resolved after so many attempts. The below is the solution worked for us
• Azure AD join, where the connections head to the “login.microsoft.com” and delay the connections. There are few settings from registry and GPO that needs to be performed to disable this Auto Azure WorkPlace join.
https://learn.microsoft.com/en-us/azure/active-directory/device-management-troubleshoot-hybrid-join-windows-current
It talks about restricting the server from joining AzureAD through a GPO, which resolves to:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin\ key:
autoWorkplaceJoin = 0
• Connections headed to http://ctldl.windowsupdate.com , refer the below article that talks about this issue.
https://blogs.technet.microsoft.com/askds/2018/04/10/tls-handshake-errors-and-connection-timeouts-maybe-its-the-ctl-engine/
To disable it: • Create a backup of this registry key (export and save
a copy)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot • Then create the following DWORD registry values under the key
“EnableDisallowedCertAutoUpdate”=dword:00000000
“DisableRootAutoUpdate”=dword:00000001
I hope this helps someone in the future !
I have a reference to a webservice which uses SOAP to process the searches and starting today morning i am receiving the following error:
The underlying connection was closed: An unexpected error occurred on a send.
This will not happen for few requests if the application is restarted and will start receiving these errors after a some time say like 5 minutes and if we restart as said the services are re-processed without any issues.
I have read: https://support.microsoft.com/en-us/kb/915599
but those methods will not work for my case. Anyone else have faced similar problem???
I don't have enough information to guarantee this will work, but this has happened to me before and the following solved the issue:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3
Note that this will force SSL3 instead of TLS. If the site you're hitting doesn't handle TLS well it could solve your problem. Note that all other HTTP/ServicePoint objects will then use SSL3 instead of TLS unless you change it back (including others in the same AppPool if this is IIS hosted).
The Web Service host has changed their certificates and that was causing the web service to fail when trying to access the service. The host has provided me with the latest certificates and now the problem is resolved.
Its weird that that initial connection and subsequent requests worked once i restart the application until the connection is closed and then when the application re-tries to connect, that's when the error message is popping up.
I created a WCF service. It worked well yesterday. When I entered service address, I got message returned as expected. However, when I run it today, I received error message:
In IE: [Fiddler] The socket connection to localhost failed.
ErrorCode: 10061. No connection could be made because the target machine actively refused it [::1]:47423
In Firefox: Firefox can't establish a connection to the server at the site
In Fiddle2: HTTP: 502
How to solve this problem? Thanks.
Generally with these issues is either the service is not running or you're url is incorrect. Without more specific information it's impossible to tell.
I have added http://ws.hipcricket.com/api/EndUser.svc as a service reference in a my web service. I am able to consume the methods from the IDE but while hosting the same in IIS I'm getting the following errors:
Error 1:
Could not connect to the (please refer the above url). TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 69.20.116.221:80.
Error 2:
There was no endpoint listening at (please refer the above url) that could accept the message. This is often caused by an incorrect address or SOAP action. See Inner Exception, if present, for more details
Maybe you have a firewall blocking communication from your webserver? When developing on your local machine communications through the proxy may most likely be using your credentials, while the user that the application pool that your application is running under on your IIS server most probably does not have the correct rights.
I am new to WCF, I am trying to upload files to remote server using a windows service and WCF. When i run my code i get the below error.
An unhandled exception of type 'System.ServiceModel.EndpointNotFoundException' occurred in mscorlib.dll
Additional information: Could not connect to net.tcp://74.208.195.53:5000/. The connection attempt lasted for a time span of 00:00:21.0122019. TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 74.208.195.53:5000.
I tried using the sample project provided in this link http://www.codeproject.com/KB/WCF/WCFDownloadUploadService.aspx
I read in other blogs that, the port has to be allowed throught the firewall on the server.i did that even tried turning off the firewall on the server but it dint help.
Can someone please guide me how i could get this issue resolved.Any help would be highly appreciated. I am using win7 and the remote server is windows server 2008.
Thanks
In some circumstances you need to enable tcp on the server. this post might help