WCF/WS: SSL Mutual Client Cert Authentication 403.16 or 403.7

Problem: When attempting to use a certificate to authenticate to an IIS website or a self-hosted WCF service over an SSL/TLS channel, we receive a 403.16 error code. Troubleshooting: We can collect server-side System.Net traces or WCF activity traces (see "System.Net Tracing collection Steps" and "WCF Tracing"). Observation from System.Net traces: You might observe the GetClientCertificate API…


WCF Tracing

WCF Tracing can be configured at three different levels. 1. WCF Verbose Traces: Recommended for DEV issue (captures activities and messages). INCLUDE THIS SECTION INSIDE CONFIGURATION FILE OF WCF SERVICE / CLIENT APPLICATION. IF ALREADY A SIMILAR SECTION IS AVAILABLE, THEN DELETE THE EXISTING SECTION FIRST. SET VALUE OF ‘initializeData’ UNDER ‘<sharedListeners>’ TO POINT AT…


System.Net Tracing collection Steps

Ask: System.Net Tracing is very helpful for reviewing SSL/TLS and socket-level connection/communication failures. To enable tracing: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.diagnostics> <trace autoflush="true" /> <sources> <source name="System.Net"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.HttpListener"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Sockets"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Cache"> <listeners> <add name="System.Net"/> </listeners> </source>…


ASMX/WS/WCF Web Service: System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

Issue: Intermittent Socket exception seen on client application trying to fetch data from MS web services. Troubleshooting: I recommend collecting application level traces to collect the stack trace information. In addition we can collect the System.Net traces or memory dumps on specific exceptions. Detailed stack from dump: 0:000> !dumpstack OS Thread Id: 0x1708 (0) Current…


WCF/WS/TLS: Get .Net Framework 4.0 application use TLS 1.2 as default protocol

Issue: By default, a .NET application built on Framework 4.0 will use SSL 3.0 or TLS 1.0 as its default protocol. Ask: If we need to force it to use the TLS 1.2 protocol, review the workarounds below. Workaround 1: Use the line below just before the HTTPS call is attempted. ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; Workaround 2: Migrate the existing application to supported framework 4.6.2…
