473,576 Members | 3,395 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

https, certificates, and: The underlying connection was closed: An unexpected error occurred on a send.

hello,

i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.

our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:

//costco webservice proxy object
PartnersProxyCl ass ws = new PartnersProxyCl ass();

//load certificate for costco intranet account
X509Certificate cert =
X509Certificate .CreateFromCert File("c:\temp\f oo.cer");

//add cert to ws
ws.ClientCertif icates.Add(cert );

//add authentication info to ws
ws.Credentials = new NetworkCredenti al("foo_user", "foo_pw");

//hit ws and get a returned obj
WsMember member = ws.read(custome rID);

....this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:

"The underlying connection was closed: An unexpected error occurred on
a send."

....and, looking into our event log, i see this:

"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."

i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.

....i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt

--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556

Nov 23 '05 #1
4 20474
Most probably, the ASPNET process identity does not have permissions to read
the certificate.

can you try the steps given at this url?

http://blogs.msdn.com/adarshk/archiv...19/187667.aspx

--
feroze

-----------------
This posting is provided as-is. It offers no warranties and assigns no
rights.

See http://weblogs.asp.net/feroze_daud for System.Net related posts.
----------------

<Ma************ ****@CapitalOne Auto.com> wrote in message
news:11******** **************@ z14g2000cwz.goo glegroups.com.. .
hello,

i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.

our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:

//costco webservice proxy object
PartnersProxyCl ass ws = new PartnersProxyCl ass();

//load certificate for costco intranet account
X509Certificate cert =
X509Certificate .CreateFromCert File("c:\temp\f oo.cer");

//add cert to ws
ws.ClientCertif icates.Add(cert );

//add authentication info to ws
ws.Credentials = new NetworkCredenti al("foo_user", "foo_pw");

//hit ws and get a returned obj
WsMember member = ws.read(custome rID);

...this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:

"The underlying connection was closed: An unexpected error occurred on
a send."

...and, looking into our event log, i see this:

"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."

i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.

...i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt

--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556

Nov 23 '05 #2
Most probably, the ASPNET process identity does not have permissions to read
the certificate.

can you try the steps given at this url?

http://blogs.msdn.com/adarshk/archiv...19/187667.aspx

--
feroze

-----------------
This posting is provided as-is. It offers no warranties and assigns no
rights.

See http://weblogs.asp.net/feroze_daud for System.Net related posts.
----------------

<Ma************ ****@CapitalOne Auto.com> wrote in message
news:11******** **************@ z14g2000cwz.goo glegroups.com.. .
hello,

i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.

our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:

//costco webservice proxy object
PartnersProxyCl ass ws = new PartnersProxyCl ass();

//load certificate for costco intranet account
X509Certificate cert =
X509Certificate .CreateFromCert File("c:\temp\f oo.cer");

//add cert to ws
ws.ClientCertif icates.Add(cert );

//add authentication info to ws
ws.Credentials = new NetworkCredenti al("foo_user", "foo_pw");

//hit ws and get a returned obj
WsMember member = ws.read(custome rID);

...this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:

"The underlying connection was closed: An unexpected error occurred on
a send."

...and, looking into our event log, i see this:

"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."

i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.

...i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt

--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556

Nov 23 '05 #3
i thought that may have been it as well, but it wasnt. i used
winhttpcertconf ig to check the permissions. when that is the case, it
gives a different error. namely, "403: Access is forbidden" -- not the
one i was experiencing.

my next step was to disable the keep-alives in our proxy class as
recommended, and set httpprotocol to 1.0. that then produced this
error:

"The underlying connection was closed: Could not establish secure
channel for SSL/TLS."

....interesting . so then i inspected the .PFX w/ embedded private key
given to us by our partner.. in MMC when double-clicking, i saw this:

[yellow exclaimation triangle ("!")] "Windows does not have enough
information to verify this certificate."

then at the bottom, "You have a private key that corresponds to this
certificate."

oh oh. this last message was the key -- our certificate should NOT have
had any errors or alerts whatsoever. working w/ MS, they identified
part of the problem: we didnt have a Certificate Authority ("CA") cert
installed for our partner-provided cert. they forgot to give us one
that had both the normal cert & the CA needed to verify it!

once i received the CA cert from our partner, that took care of the
problem ("The underlying connection was closed: Could not establish
secure channel for SSL/TLS").

what i cannot say, is whether that would have taken care of the
original error ("The underlying connection was closed: An unexpected
error occurred on a send"). i suspect it would not have... i cant test
because the server is off-limits to me now, but im thinking disabling
keep-alives took care of that first error, thus paving way for our
second error, the lacking CA.

fun.
matt

Nov 23 '05 #4
i thought that may have been it as well, but it wasnt. i used
winhttpcertconf ig to check the permissions. when that is the case, it
gives a different error. namely, "403: Access is forbidden" -- not the
one i was experiencing.

my next step was to disable the keep-alives in our proxy class as
recommended, and set httpprotocol to 1.0. that then produced this
error:

"The underlying connection was closed: Could not establish secure
channel for SSL/TLS."

....interesting . so then i inspected the .PFX w/ embedded private key
given to us by our partner.. in MMC when double-clicking, i saw this:

[yellow exclaimation triangle ("!")] "Windows does not have enough
information to verify this certificate."

then at the bottom, "You have a private key that corresponds to this
certificate."

oh oh. this last message was the key -- our certificate should NOT have
had any errors or alerts whatsoever. working w/ MS, they identified
part of the problem: we didnt have a Certificate Authority ("CA") cert
installed for our partner-provided cert. they forgot to give us one
that had both the normal cert & the CA needed to verify it!

once i received the CA cert from our partner, that took care of the
problem ("The underlying connection was closed: Could not establish
secure channel for SSL/TLS").

what i cannot say, is whether that would have taken care of the
original error ("The underlying connection was closed: An unexpected
error occurred on a send"). i suspect it would not have... i cant test
because the server is off-limits to me now, but im thinking disabling
keep-alives took care of that first error, thus paving way for our
second error, the lacking CA.

fun.
matt

Nov 23 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
8826
by: Fredrik L | last post by:
Hi, We have an application outside the firewall who talks to a webservice inside the firewall. 9 times of 10 this works, but sometimes we got the error "The underlying connection was closed: An unexpected error occurred on a receive." We have tested some of the solutions that we have found in this discussion group but the problem still...
5
24742
by: Vijayakrishna Pondala | last post by:
Hi, We are using the following error randomly, when accessing a webservice method/servlet hosted on JBoss application server: The underlying connection was closed: An unexpected error occurred on a receive. We are using .NET v1.1.
0
1658
by: David Mediavilla | last post by:
I am writing a client for an HTTPS web service using WSE 1.0 but I always get an error like "The underlying connection was closed: An unexpected error occurred on a send." Sometimes the error "occured on a receive". Looking around, I find http://weblogs.asp.net/jan/archive/2004/05/08/128394.aspx ("Solving "The underlying connection was...
0
1570
by: Mahesh Devjibhai Dhola | last post by:
Hi, I am getting the following exception when using webservice.. "The underlying connection was closed: An unexpected error occurred on a receive" I am not getting any innerexception so no clue for the reason. While i was seaching on web, i found the solutions but its not working for me. I have already override the method on client proxy ...
2
4360
by: Andrew Hunot | last post by:
I have VB code in VS2003 which creates a HttpWebRequest and performs a POST operation to a remote URL (an https site), which runs fine and receives a valid response. However exactly the same code in VS2005 (to the same site with the same data) causes an exception 'The underlying connection was closed: An unexpected error occurred on a...
0
1426
by: Apu Nahasapeemapetilon | last post by:
Why do I get the following two error messages, intermittently, when I issue a "SendRequestResponse(methodName, requestEnvelope);" command on a class derived from Microsoft.Web.Services2.Messaging.SoapClient. Intermittent Error Messages: 1) An established connection was aborted by the software in your host machine. 2) The underlying...
2
5869
by: Scott McFadden | last post by:
When I invoke two web service methods sequentially with no delay, the first web method invocation goes smooth while the 2nd one generates the dredded: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. The only way I have been able to make consecutive web method invocations work is by...
1
8832
by: Mrozik | last post by:
Hi! I have a problem - after deploying application in client environment, on some client machines occured error. Environment: App server: ASP.NET WebService/Win 2003/ secured SSL (.NET 2.0) Client app: SmartClient - WinForms (.NET 2.0) I trust all server cetrificates - at the start of client application I call:
0
2060
by: imonline | last post by:
Hi, I have created a asp.net page which posts XML on the web service using .net 2.0. The page and the webservice was working fine but once I converted them to .net 3.5 I have been getting following exception. And I am having this problem on the local machine that is both of them on same machine. Exception: System.Net.WebException was...
0
7776
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8121
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
0
8286
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7869
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8143
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6517
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
0
3779
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3797
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2287
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.