I've created a WCF service and hosted it in cloud through a worker role. Unfortunately when I try to connect to the worker role service I get an exception with the message:
"No DNS entries exist for host 3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net."
3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net is the address for the worker role deployed in azure staging environment.
The workerrole.cs has the following code to expose the WCF service:
public override void Run()
{
using (ServiceHost host = new ServiceHost(typeof(MyService)))
{
string ip = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["tcppoint"].IPEndpoint.Address.ToString();
int tcpport = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["tcppoint"].IPEndpoint.Port;
int mexport = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["mexinput"].IPEndpoint.Port;
// Add a metadatabehavior for client proxy generation
// The metadata is exposed via net.tcp
ServiceMetadataBehavior metadatabehavior = new ServiceMetadataBehavior();
host.Description.Behaviors.Add(metadatabehavior);
Binding mexBinding = MetadataExchangeBindings.CreateMexTcpBinding();
string mexlistenurl = string.Format("net.tcp://{0}:{1}/MyServiceMetaDataEndpoint", ip, mexport);
string mexendpointurl = string.Format("net.tcp://{0}:{1}/MyServiceMetaDataEndpoint", RoleEnvironment.GetConfigurationSettingValue("Domain"), 8001);
host.AddServiceEndpoint(typeof(IMetadataExchange), mexBinding, mexendpointurl, new Uri(mexlistenurl));
// Add the endpoint for MyService
string listenurl = string.Format("net.tcp://{0}:{1}/MyServiceEndpoint", ip, tcpport);
string endpointurl = string.Format("net.tcp://{0}:{1}/MyServiceEndpoint", RoleEnvironment.GetConfigurationSettingValue("Domain"), 9001);
host.AddServiceEndpoint(typeof(IMyService), new NetTcpBinding(SecurityMode.None), endpointurl, new Uri(listenurl));
host.Open();
while (true)
{
Thread.Sleep(100000);
Trace.WriteLine("Working", "Information");
}
}
}
The tcppoint and mexinput are configured with the ports 8001 and 9001. Also Domain is configured with worker role deployment url:3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net
On the client part(a console app), we are using the following configuration in app.config::
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IMyService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:50:00"
enabled="false" />
<security mode="None">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="httpp:\\3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net:9001/MyServiceEndpoint" binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IMyService" contract="ServiceReference1.IMyService"
name="NetTcpBinding_IMyService" />
</client>
<behaviors>
<serviceBehaviors>
<behavior name="behave">
<serviceMetadata httpGetEnabled="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<system.net>
<defaultProxy useDefaultCredentials="true">
<proxy autoDetect="False" usesystemdefault="False" bypassonlocal="True" />
</defaultProxy>
The following code is built using the sample code available in msdn as background. Locally it is working fine. Unfortunately when i deploy it to cloud, the exception occurs. Moreover, when i use the virtual ip instead of the url, a connection time out occurs with the exception the remote machine did not respond.
Looks like you have your service setup to listen on net.tcp (TCP) and your client using http bindings. I would not expect that to work even locally. I am assuming you have actually opened port 9000 in the ServiceDefinition. Remember that will be a load-balanced endpoint. Are you trying to communicate to this instance from within the deployment (inter-role) or from outside the cloud?
I have found it is a lot easier to setup the host and client (when communicating within a role) through code. Try this:
http://dunnry.com/blog/2010/05/28/HostingWCFInWindowsAzure.aspx
If you are trying to hit the service from a client outside the deployment, this still applies, but for the client building part. You will need to use the external DNS name and port defined in ServiceDefinition.
I have also seen DNS errors if you try to hit the endpoint too soon before the role was ready. It can take a bit to propogate the DNS and you should try not to resolve it until it is ready, lest you cache a bogus DNS entry. If you can resolve that DNS name however to your VIP address, that is not the issue.
public void CallWebService(string data)
{
try
{
string uri = "url"+data;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream str = response.GetResponseStream();
StreamReader sr = new StreamReader(str);
String IResponse = sr.ReadToEnd();
}
catch (Exception ex)
{
System.Console.WriteLine("Message: "+ex.Message);
}
}
Hope it helps you.
Related
I'm trying to convert an old WCF client to dotnet core. I successfully generated my proxies from the wsdl and have been trying to configure them so I can successfully call the endpoint. It appears, based on some googling, that under dotnet core I need to configure my WCF client from code.
Here's the WCF configuration section from the web.config of the old application:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<behaviors>
<endpointBehaviors>
<behavior name="clientEndpointCredential">
<clientCredentials>
<clientCertificate storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectName" findValue="CERTNAME" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="OUR_Customer_OUTBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="5242880" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm="" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://the-full-url" behaviorConfiguration="clientEndpointCredential" binding="basicHttpBinding" bindingConfiguration="OUR_Customer_OUTBinding" contract="CustomerInterface.OUR_Customer_OUT" name="HTTPS_Port" />
</client>
<diagnostics>
<messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="false" maxMessagesToLog="3000" />
</diagnostics>
</system.serviceModel>
Here's what I've come up with to configure it in dotnet core:
private OUR_Customer_OUTClient GetCustomerClient()
{
TimeSpan Minutes(int minutes) => new TimeSpan(0, minutes, 0);
var binding = new BasicHttpBinding();
binding.Name = "OUR_Customer_OUTBinding";
binding.AllowCookies = false;
binding.SendTimeout = Minutes(1);
binding.ReceiveTimeout = Minutes(10);
binding.OpenTimeout = Minutes(1);
binding.CloseTimeout = Minutes(1);
binding.MaxBufferPoolSize = 2147483647;
binding.MaxReceivedMessageSize = 2147483647;
binding.TextEncoding = Encoding.UTF8;
binding.TransferMode = TransferMode.Buffered;
binding.BypassProxyOnLocal = false;
binding.UseDefaultWebProxy = true;
binding.Security.Mode = BasicHttpSecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
var endpointAddress = new EndpointAddress("https://the-full-url");
var client = new OUR_Customer_OUTClient(binding, endpointAddress);
client.ClientCredentials.ClientCertificate.SetCertificate(
StoreLocation.LocalMachine,
StoreName.My,
X509FindType.FindBySubjectName,
"CERTNAME");
return client;
}
And here's the code I'm using to call the endpoint (dotnet core proxies don't yet support synchronous calls):
SearchResponse searchResponse = Task.Run(() => GetCustomerClient().SearchAsync(message)).Result;
However, I'm getting the following error:
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="XISOAPApps"'
Can anyone see anything wrong with my approach or suggest ways I could use to debug this? I'm a WCF newbie and am tearing my hair out at this point.
For the benefit of any others who may be unlucky enough to hit the same problem, the central issue turned out to be that the X509 certificate was not being sent. (The endpoint we were hitting accepted either a certificate or basic auth, thus the 401.)
The reason the certificate wasn't being sent was because the dotnet core networking stack is stricter than the .NET one, and requires the certificate to either have its Enhanced Key Usage set to ClientAuthentication (1.3.6.1.5.5.7.3.2) or have no EKU at all (see the source code here). Ours wasn't - it was set to Server Authentication. So the certificate was quietly discarded, despite having been loaded up successfully.
This github issue provides further details.
Your code snippets seem good. We may have one more thing to do. when server authenticates the client with a certificate, we should establish the trust relationship each other, please refer to the below link.
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/transport-security-with-certificate-authentication
Besides, we should provider an Identity flag to identity the server, like below.
<client>
<endpoint address="http://vabqia593vm:4434/Service1.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1" contract="ServiceReference1.IService1" name="WSHttpBinding_IService1" behaviorConfiguration="mybeh">
<identity>
<dns value="vabqia130vm"/>
</identity>
</endpoint>
</client>
We could generate client proxy class by Micorosoft WCF Web Service Reference Provider.(Add Connected Services).
Feel free to let me know if there is anything I can help with.
Abraham
I am new to WCF/APIs and know little to nothing about security. Let me know if I need to provide any more information.
I am trying to connect to a service using
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ISalesOrderService">
<security mode="Transport" >
<transport clientCredentialType="Basic"></transport>
</security>
</binding>
<binding name="BasicHttpBinding_IDocumentationService">
<security mode="TransportCredentialOnly" >
<transport clientCredentialType="Basic"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="address1"
name="BasicHttpBinding_ISalesOrderService"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_ISalesOrderService"
contract="SoCalls.ISalesOrderService" />
<endpoint address="address2"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IDocumentationService"
contract="DocCalls.IDocumentationService"
name="BasicHttpBinding_IDocumentationService" />
</client>
</system.serviceModel>
With this, I get this error:
'System.ServiceModel.Security.MessageSecurityException'
The HTTP request is unauthorized with client authentication scheme 'Basic'.
The authentication header received from the server was 'Basic Realm'.
Edit
I followed the instructions suggested in the link provided in the comments, still is giving me this error. I updated my code but I think I am still a bit confused on whether to use HTTP/HTTPS due to lack of knowledge of either service.
Here is how I instantiate my service:
private static SoCalls.SalesOrderServiceClient CreateSalesOrderServiceClient()
{
BasicHttpBinding myBinding = new BasicHttpBinding();
myBinding.MaxReceivedMessageSize = 10000 * 2;
myBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
myBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
EndpointAddress ea = new EndpointAddress("address1");
SoCalls.SalesOrderServiceClient client = new SoCalls.SalesOrderServiceClient();
client.ClientCredentials.UserName.UserName = ("username");
client.ClientCredentials.UserName.Password = ("password");
return client;
}
As it seems, I did not have access to the API with this specific database which is what was giving me my error. I tried sending other credentials for a separate database from the same server and it worked perfectly fine. Purchased the license required and the code works as expected.
I'm a bit of the newbie to WCF so i would really appreciate if you could answer as detailed as possible :) i have a WCF service library and a WPF application (who is a client). the wanted result is an application that will enable file sharing between the connected clients.I build a really basic WCF service library with one method:
[ServiceContract]
public interface IFileService
{
[OperationContract]
byte[] GetFile(string fullPath);
}
And implemented this method like this:
public class FileService : IFileService
{
public byte[] GetFile(string fullPath)
{
return System.IO.File.ReadAllBytes(fullPath);
}
}
This is the App.config file in the WPF client project:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IFileService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:9355/TankusFileTransferService/Service/"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IFileService"
contract="TankusFileService.IFileService" name="WSHttpBinding_IFileService">
<identity>
<userPrincipalName value="GIL-LAPTOP\Gil" />
</identity>
</endpoint>
</client>
</system.serviceModel>
And this is the code from the main window WPF application:
public partial class MainWindow : Window
{
ServiceHost sh;
TankusFileService.FileServiceClient fsc;
public MainWindow()
{
InitializeComponent();
}
private void btn_Connect_Click(object sender, RoutedEventArgs e)
{
Uri uri = new Uri("http://127.0.0.1:1234/");
sh = new ServiceHost(typeof(TankusFileTransferService.FileService), uri);
sh.Open();
lbl_Listener.Content = sh.Description.Endpoints[0].Address.ToString();
}
private void btn_Disconnect_Click(object sender, RoutedEventArgs e)
{
sh.Close();
lbl_Listener.Content = string.Empty;
}
private void btn_GetFile_Click(object sender, RoutedEventArgs e)
{
fsc = new TankusFileService.FileServiceClient();
fsc.Endpoint.Address = new EndpointAddress("http://127.0.0.1:1234/");
fsc.Endpoint.Binding = new BasicHttpBinding();
byte[] bytes = fsc.GetFile(#"D:\mika.txt");
System.IO.File.WriteAllBytes(#"D:\mika_new.txt", bytes);
}
}
After i press the connect button and initialize the ServiceHost object so it can start listening i press the getFile button. when the GetFile() function is called it throws a TimeoutException. Why is this? am i even on the right way for accomplishing my wanted application? Thanks :)
You are likely getting a TimeoutException because it is taking longer to send the file than is allowed by your service.
In your config file for both the server and the client be sure to increase the receiveTimeout and sendTimeout.
You may also bump into size limits as WCF configure the maximum message size, and the file would be considered part of the message. Look at maxBufferPoolSize, maxReceivedMessageSize, and the members below
<readerQuotas
maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
A synchronous web service request is not the best way to transfer files about. Even if it works, if you need to scale the endpoint to process concurrent requests you will quickly run in to trouble. By uploading files to service endpoints you are compromising the availability of the endpoint.
A better solution - the WPF app writes the filestream to disk (or a database, ftp server, or queue), then sends a quick one way command message to the server, which then goes and grabs the file.
This is hugely more scalable and will result in far fewer availability-type exceptions.
UPDATE
In my experience, when you upload large files to web service endpoints you can get availability problems, especially if there is any significant concurrency. You can plan for this stuff if you know what your upper bounds are (file sizes, concurrent connections, etc.) and you can formalise this as a service level agreement, but the nature of what you are trying to do (peer-to-peer) is by definition a volatile environment where such planning would be difficult.
However, that said, the fact that your requirement is for P2P means that there ideally shouldn't be a centralised environment to implement the type of store-and-retrieve messaging pattern I am suggesting.
Windows Azure blob storage is an example of how this may be achieved.
I have a WCF client connecting to a WCF Service hosted in IIS via WsHttpBinding with Message level security and UserName client credential type.
In the client, I specify my username and password in an instance of the generated proxy class representing the service. The one proxy instance is used for all subsequent calls, and the service authenticates these credentials in the custom validator either when I explicitly call Open() or when I make my first call on the service. The validation is only made on this initial call, and not on subsequent calls. e.g.:
var client = new MyServiceClient();
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password"; client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode =
X509CertificateValidationMode.None;
client.GetStuff1(); // authentication is made here
client.GetStuff2(); // already authenticated, no further authentication. Why/How?
client.GetStuff3(); // already authenticated, no further authentication. Why/How?
How is this session maintained? How can I configure the server and/or client so that authentication is done on each call rather than the "session" that seems to exist? Is this not determined by the <reliableSession> which I have off?
The service class is defined with these attributes:
[ServiceBehavior(IncludeExceptionDetailInFaults = true, AutomaticSessionShutdown = false, InstanceContextMode = InstanceContextMode.Single, ConcurrencyMode = ConcurrencyMode.Multiple)]
The client's app.config is as follows:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBindingWithAuth" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="200000000"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<!--
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" /> -->
<message clientCredentialType="UserName" negotiateServiceCredential="true"
algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://testmachine/MyService.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpBindingWithAuth"
contract="NewServiceIIS.IMyService" name="wsHttpBindingWithAuth">
<identity>
<certificate encodedValue="ZZZZ" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
This was the source of my frustration and now it is a bliss for you (i.e. you dont need to supply user/pass again)!
Yes, authentication is stored in the channel. Once channel opened, the ClientCredentials cannot be changed. Channel establishes a security context which is retained within the Channel. With wsHttpBinding and message security, this is username/password which is sent to the server everytime.
This is by design. The only way to re-authenticate is to close the channel/proxy and create a new proxy.
If you wonder what establishing security context is, have a look at What are the impacts of setting establishSecurityContext="False" if i use https?
I created a WCF net.tcp service and hosted it using the Net.Tcp Listener Adapter, and it works great - I have some messaging set up on the callback so the service updates the client with the status. Now, I'm trying to get it to work by being hosted via a Windows Service, and all I'm doing is creating a ServiceHost using the same class that the original uses:
using System.Diagnostics;
using System.ServiceModel;
using System.ServiceProcess;
using BuilderService;
namespace BuilderWindowsService
{
public class BuilderWindowsService : ServiceBase
{
public ServiceHost ServiceHost = null;
public BuilderWindowsService()
{
ServiceName = ServiceNames.Builder;
}
public static void Main()
{
Run(new BuilderWindowsService());
}
protected override void OnStart(string[] args)
{
if (ServiceHost != null)
ServiceHost.Close();
ServiceHost = new ServiceHost(typeof(Builder));
ServiceHost.Open();
}
protected override void OnStop()
{
if(ServiceHost != null)
{
ServiceHost.Close();
ServiceHost = null;
}
}
}
}
I can connect to the service and send a request, but it never responds nor times out. I know I'm hitting the Windows Service because I have it on another port (8002), and I can add it as a reference using that.
My App.config for the Windows Service is pretty much identical to the Web.config of the original too. Same thing for the client I am using, except it is pointing to the 8002 endpoint instead of 808. Also, I already have this working for another service, doing the exact same setup, but for some reason this one never responds.
UPDATE
I created a little client app to test out directly hitting the windows service to rule out anything interfering, and it generated the following app.config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IBuilder"
closeTimeout="00:01:00"
openTimeout="00:01:00"
receiveTimeout="00:10:00"
sendTimeout="00:01:00"
transactionFlow="false"
transferMode="Buffered"
transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard"
listenBacklog="10"
maxBufferPoolSize="2147483647"
maxBufferSize="2147483647"
maxConnections="10"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="4096"
maxNameTableCharCount="2147483647" />
<reliableSession ordered="true"
inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows"
protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows"
algorithmSuite="Default" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="net.tcp://localhost:8002/BuilderService/Builder.svc"
binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IBuilder"
contract="RGBRef.IBuilder"
name="NetTcpBinding_IBuilder">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
Which looks pretty normal to me (note: I manually upped the buffer/string length values to the maximum). Only things that are different from my original config:
transferMode="Buffered"
transactionProtocol="OleTransactions"
listenBacklog="10"
<transport clientCredentialType="Windows"
protectionLevel="EncryptAndSign" />
Not sure if the service is expecting those or something. Either way, it's still not getting any response back, nor an error.
Perhaps the service is faulting since it now runs under different credentials as a Windows Service. Write some EventLog entries to trace where the fault is occurring. I don't believe is the callback, I suspect it's something else in the service failing.