Failed to publish https WebRequest to .net?
Hi I am facing problems while trying to post a WebRequest under Https.
i got the following errors
1.-Connected connection was closed: unable to connect to the remote server.
2. - operation TimeOut
3 - The main connection was closed: Failed to establish a secure channel for SSL / TLS.
I tried about 3 or 4 different proxy servers of my company and client company, and even when I am directly with the ISP is not limited, I get the above errors when doing the following method.
WebRequest.GetRequestStream()
this happens behind the proxy or not, the request can only be successfully sent from one PC that is behind the proxy. the proxy server does not have a client certificate installed.
it is under .net framework 1.1 and the request already contains the network credentials.
what could be?
Update
inner exception, third error: The function completed successfully, but needs to be called again to complete the context
according to iisper.h documentation this error refers to
//
// MessageId: SEC_I_CONTINUE_NEEDED
//
// MessageText:
//
// The function completed successfully, but must be called
// again to complete the context
//
#define SEC_I_CONTINUE_NEEDED ((HRESULT)0x00090312L)
on MSDN this refers to
SEC_I_CONTINUE_NEEDED The client must send an output token to the server and wait for a return token. The returned token is then passed in another call to InitializeSecurityContext (Schannel). The output token can be empty.
does this mean the PC does not have a client certificate?
source to share
There are a number of things that can complicate things when it comes to SSL certificate inconsistencies, etc. But first, you need to do some basic debugging to rule out the obvious:
- Have you tried sending a simple web request to other servers? Try both (unsecured) http and (secured) https
- Have you tried to connect from another computer or from another network? You mentioned that the client is behind a proxy; first try a computer without a proxy to rule it out.
- Are you doing multiple WebRequests during a session? There is a limit on the number of open requests, so make sure you close them after receiving a WebResponse. It is possible to make a test program with only one request.
If that doesn't narrow it down, then it is probably something more complex with their server or proxy. You can monitor outgoing network packets using a program like netshark to try and keep track of where things get stuck.
source to share
You can make HTTP traffic traffic using Fiddler or a network packet zeroing tool like Ethereal Whireshark on the machine it runs on and one of the other machines and compare the results. This is a fairly low level, but it may bring some light on this issue.
source to share
- If you can telnet from different computers up to 443, these are not the first two, as it means the client machine is receiving requests on that port.
In the windows that will
telnet <domainname> 443
and if it connects, the screen will go blank (press the return button several times to exit)
-
Proxies may or may not really care about your request if it is under HTTPS as they cannot read it.
-
Do other computers have client certificate and certificate chain installed?
source to share
The SSL certificate name is probably not the same. This often happens with self-signed certificates.
The solution is to write your own authentication procedure where you always return true or do the necessary authentication to make sure the certificate is valid.
// .NET 2.0+
...
ServicePointManager.ServerCertificateValidationCallback += MyValidationCallback
...
public bool MyValidationCallback(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err)
{
return true;
}
// .NET 1.1
public class MyCertificatePolicy : ICertificatePolicy
{
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
{
return true;
}
}
...
ServicePointManager.CertificatePolicy = new MyCertificatePolicy();
...
source to share