简体繁体 English

C＃和IIS-SSL删除连接，可以通过HTTP进行连接

[英]C# and IIS - SSL dropping connections, fine over HTTP

原文 2009-04-27 12:38:00 3 2 asp.net/ iis/ ssl

In a testing environment, I self-signed a cert and installed it on a web site in IIS 6. This is using .NET 2.0. 在测试环境中，我对证书进行了自签名并将其安装在IIS 6的网站上。这是使用.NET 2.0的。 Cert seems fine (minus the fact that client services don't fully trust it as one would expect). Cert看起来还不错（减去客户端服务不完全像人们期望的那样信任它的事实）。 I can do whatever I want to by hitting the site locally from the server on HTTPS or HTTP. 通过在HTTPS或HTTP上从服务器本地访问站点，我可以做任何我想做的事情。

The problem is coming in when accessing this site remotely. 远程访问此站点时出现问题。 If the page has an exception on it, the connection drops . 如果页面上有一个例外，在连接断开。 Not return an error, but just flat-out drops, where the browser says it couldn't find the site (this is after it churns for a few seconds, where I can see TCP traffic from the client IP coming in). 没有返回错误，而是完全掉落，浏览器在其中找不到站点（这是在流失几秒钟后，我可以看到来自客户端IP的TCP流量）。

The interesting part is that I can create a blank ASPX page, with nothing on it, and it's fine over HTTPS. 有趣的部分是，我可以创建一个空白的ASPX页，上面没有任何内容，并且可以通过HTTPS正常运行。 But the minute I put throw new Exception(); 但是我一分钟就抛出新的Exception（）; on the page, it goes back to dropping. 在页面上，返回到拖放。 By the way, it seems to act completely normal if I hit the same page using HTTP instead. 顺便说一句，如果我改用HTTP来访问同一页面，这似乎完全正常。

So I'm a bit stuck. 所以我有点卡住了。 Anyone seen something like this? 有人看到过这样的东西吗？

My first inclination is to go after the proxy/firewall rules between my remote client machine and the server, but I want to make sure it's not something I could fix before I bug other teams. 我的第一个倾向是遵循我的远程客户端计算机和服务器之间的代理/防火墙规则，但是我想确保在对其他团队进行调试之前，无法解决此问题。

EDIT ...looks to be a firewall whitelisting problem. 编辑 ...看起来是防火墙列入白名单的问题。 Others on my subnet have the same problem, but people in other locations can hit it just fine. 我的子网上的其他人也有同样的问题，但是其他位置的人也可以解决。

2 个解决方案

This is not a proxy or firewall issue, because the Yellow Screen Of Death is just text which transmits through any firewall just fine. 这不是代理或防火墙问题，因为“死亡黄屏”只是可以通过任何防火墙传输的文本。 Here are a couple things that I would try first. 这是我首先要尝试的几件事。

Make sure that the fact that you are using HTTPS isn't the root cause of the problem, such as the problem isn't caused in your program, by handling HTTPS. 通过处理HTTPS，请确保您使用HTTPS的事实不是问题的根本原因，例如该问题不是您的程序引起的。 Such as some special handling of Error code. 例如对错误代码的一些特殊处理。
Create a new cert and see if the same issues occures. 创建一个新的证书，看看是否发生相同的问题。
Try to reproduce this issue on another machine, it could just be a configuration issue. 尝试在另一台计算机上重现此问题，这可能只是配置问题。
Try getting a real cert from GoDaddy, they are only 29.99. 尝试从GoDaddy获取真实证书，它们只有29.99。

That is all that I can come up with right now. 这就是我现在能想到的一切。 One thing that you didn't mention was which version of IIS you were using, which will be helpful. 您没有提到的一件事是您使用的是哪个版本的IIS，这将有所帮助。

Have your thrown the exception and then tested the page using regular HTTP? 是否引发了异常，然后使用常规HTTP测试了页面？ Is the same thing happening, or does it only happen if you throw an exception and access it using HTTPS? 是同一件事发生，还是仅当您引发异常并使用HTTPS访问它时才会发生？