stackoom
  简体   繁体   中英

Connection issue with TLS 1.1 and 1.2 - Azure web app

 原文  2019-08-05 08:02:25       c#/ azure/ tls1.2

Question

In my application I am calling an API written in WebAPI and hosted in a PaaS environment in azure from another WebAPI method (ideally an internal service call), say MethodA in WebApp_A is calling MethodB in WebApp_B. But i am getting the mentioned error if the TLS settings of WebApp_B is either 1.1 or 1.2 ( it works with 1.0). "Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host."

I have similar WebApp (WebApp_C) which doesn't have the error with TLS. Below is the code that we use to call the MethodB in WebApp_B from WebApp_A 

 public async Task<ServiceResponse> CreateDialog(RequestObject requestObject)
 {
        ServiceResponse serviceResponse = new ServiceResponse();
        try
        {
            using (var client = new HttpClient())
            {

                SessionTokenBo jwtData = new SessionTokenBo();
                Logger = _logger;
                jwtData = GetInternalToken(InternalCallTypes.Utilities.ToString(), int.Parse(ServiceConfiguration.TokenExpiryWindow), int.Parse(ServiceConfiguration.InternalTokenExpiryWindow));
                if (null != jwtData)
                {
                    client.BaseAddress = new Uri("URI");
                    client.DefaultRequestHeaders.Accept.Clear();
                    client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwtData.Token);                        HttpResponseMessage response = await client.PostAsJsonAsync("service/methodB", requestObject);                        
                    if (response.IsSuccessStatusCode)
                    {
                        var data = response.Content.ReadAsStringAsync().Result;
                        serviceResponse = JsonConvert.DeserializeObject<ServiceResponse>(data);
                    }
                }
            }
        }
        catch (Exception ex)
        {
           throw
        }
        return serviceResponse;
  }

If i give Security protocol like this , it will work 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Also i tried from postman with the request and it is not failing. So now am confused because if from postman its working then ideally its not the WebApp setup issue

1 answers

solution1
 1 ACCPTED  2019-08-05 08:12:41

TLS 1.0 is no longer the default. Add this line before making the request: 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Have a Reference to this issue .

Update:

but my doubt is why the same code is not failing for other web apps ?

Found the issue, it was due the target framework was 4.5.2 in webconfig. 

<compilation targetFramework="4.7.2"></compilation> 
<httpRuntime targetFramework="4.7.2" />

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Supporting TLS 1.2 and 1.1 in portable HttpClient Use TLS 1.1 or 1.2 in WCF and .NET 4.0? Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1? Turn on TLS 1.0, TLS 1.1, TLS 1.2 ... Asp.NET IIS 10.0 WCF Service + Client (TLS1.2 Issue) Update .NET web service to use TLS 1.2 Need to enable TLS1.2 in server environment and disable TLS1.0 & 1.1 WCF secure connection should initiate connection with TLS 1.2 protocol Azure App Service Connection Timeout Issue SignalR connection limits in Azure Web App
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM