This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case.

    Question

  • I have a server certificate installed on my Azure Cloud Service with a web service. I am receiving the following error:

    An error occurred while making the HTTP request to https://myservice.svc. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.

    I have a C# Windows Application that uses this service. There are about 20 different people/computers that use this program every day. Three to four of them are getting this error a handful of times each day. The service has about 50 different methods. Each person is probably calling the service at least every 2 minutes (something in the program refreshes every 2 minutes plus anything else they do) for 10 hours a day.

    Web Service: .NET 4.5

    Client App: .NET 4.0 Client Profile (most of their company's computers have either 4.0 Full or 4.0 Client)

    Here are my config files on the server side (the startup task unlocks access to turn SSL on):

    ServiceDefinition.csdef

    <?xml version="1.0" encoding="utf-16"?>
    <ServiceDefinition xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="AzureCloudService" schemaVersion="2015-04.2.6" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
      <WebRole name="TireDispatcherWebService">
        <Imports>
          <Import moduleName="RemoteForwarder" />
          <Import moduleName="RemoteAccess" />
        </Imports>
        <Startup>
          <Task commandLine="startup.cmd" executionContext="elevated" taskType="simple" />
        </Startup>
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" />
        </ConfigurationSettings>
        <Endpoints>
          <InputEndpoint name="HttpsIn" protocol="https" port="443" certificate="tdcert" />
        </Endpoints>
        <Certificates>
          <Certificate name="tdcert" storeLocation="LocalMachine" storeName="CA" permissionLevel="limitedOrElevated" />
        </Certificates>
        <Sites>
          <Site name="Web">
            <Bindings>
              <Binding name="HttpsIn" endpointName="HttpsIn" />
            </Bindings>
          </Site>
        </Sites>
      </WebRole>
    </ServiceDefinition>

    ServiceConfiguration.Cloud.cscfg

    <?xml version="1.0" encoding="utf-16"?>
    <ServiceConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" serviceName="AzureCloudService" osFamily="4" osVersion="*" schemaVersion="2015-04.2.6" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration">
      <Role name="REMOVED">
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="DefaultEndpointsProtocol=https;AccountName=REMOVED;AccountKey=REMOVED" />
        </ConfigurationSettings>
        <Instances count="1" />
        <Certificates>
          <Certificate name="tdcert" thumbprint="REMOVED" thumbprintAlgorithm="sha1"/>
        </Certificates>
      </Role>
    </ServiceConfiguration>

    Web.config

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <system.diagnostics>
        <trace>
          <listeners>
            <add type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=2.8.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" name="AzureDiagnostics">
              <filter type="" />
            </add>
          </listeners>
        </trace>
      </system.diagnostics>
      <system.web>
        <compilation debug="false" targetFramework="4.5" />
        <customErrors mode="Off" />
        <pages controlRenderingCompatibilityVersion="4.0" />
      </system.web>
      <system.serviceModel>
        <services>
          <service name="TireDispatcherWebService.TDWebService" behaviorConfiguration="BindingBehavior">
            <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding" contract="TireDispatcherWebService.ITDWebService" />
          </service>
        </services>
        <bindings>
          <wsHttpBinding>
            <binding name="wsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <security mode="TransportWithMessageCredential">
                <message clientCredentialType="UserName" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>
        <behaviors>
          <serviceBehaviors>
            <behavior name="BindingBehavior">
              <serviceMetadata httpsGetEnabled="true" />
              <serviceDebug httpsHelpPageEnabled="false" includeExceptionDetailInFaults="false" />
              <serviceThrottling maxConcurrentCalls="16" maxConcurrentSessions="10" maxConcurrentInstances="2147483647" />
              <serviceCredentials>
                <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="TireDispatcherWebService.ServiceAuthenticator, TireDispatcherWebService" />
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
      </system.serviceModel>
      <system.webServer>
        <security>
          <access sslFlags="Ssl" />
        </security>
        <modules runAllManagedModulesForAllRequests="true" />
        <directoryBrowse enabled="false" />
      </system.webServer>
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <dependentAssembly>
            <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-8.0.0.0" newVersion="8.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Data.Services.Client" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-5.7.0.0" newVersion="5.7.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Data.OData" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-5.7.0.0" newVersion="5.7.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Data.Edm" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-5.7.0.0" newVersion="5.7.0.0" />
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
    </configuration>

    The service has a class to verify a default username/password I have hardcoded to the service:

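        using System;
        using System.IdentityModel.Selectors;   // UserNamePasswordValidator
        using System.IdentityModel.Tokens;      // SecurityTokenException

        // Custom validator referenced by customUserNamePasswordValidatorType in Web.config.
        public class ServiceAuthenticator : UserNamePasswordValidator
        {
            public override void Validate(string userName, string password)
            {
                // Reject missing credentials before comparing.
                if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
                    throw new ArgumentNullException();

                // Compare against the single hardcoded account.
                if (userName != "REMOVED" || password != "REMOVED")
                    throw new SecurityTokenException("Unknown username or password");
            }
        }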

    Then on the client end:

    Before each call I used the following:

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
    client.ClientCredentials.UserName.UserName = "REMOVED";
    client.ClientCredentials.UserName.Password = "REMOVED";

    App.config

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
        <configSections>
            <sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
                <section name="TireDispatcher.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false"/>
            </sectionGroup>
        </configSections>
        <connectionStrings/>
        <startup> 
            <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
        </startup>
        <userSettings>
            <TireDispatcher.Properties.Settings>
                <setting name="RememberMe" serializeAs="String">
                    <value>False</value>
                </setting>
                <setting name="Company" serializeAs="String">
                    <value/>
                </setting>
                <setting name="Username" serializeAs="String">
                    <value/>
                </setting>
            </TireDispatcher.Properties.Settings>
        </userSettings>
        <system.serviceModel>
            <bindings>
                <wsHttpBinding>
                    <binding name="WSHttpBinding_ITDWebService" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
                        <security mode="TransportWithMessageCredential">
                            <transport clientCredentialType="None"/>
                            <message clientCredentialType="UserName"/>
                        </security>
                    </binding>
                </wsHttpBinding>
            </bindings>
            <client>
                <endpoint address="https://REMOVED.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITDWebService" contract="TDWebService.ITDWebService" name="WSHttpBinding_ITDWebService"/>
            </client>
        </system.serviceModel>
        <system.net>
          <defaultProxy useDefaultCredentials="true">
          </defaultProxy>
        </system.net>
    </configuration>

    These few people have been getting a few errors every day since I released this software. There have been different errors. I keep fixing different ones (I think? It could be the same underlying issue?) then getting new ones. I am unable to fix this problem.

    I have run the software on my personal computer for 3 days straight with no problems.

    Why would the service work fine except for these few people a few times a day? What can I try to fix this problem?




    • Edited by Ozziwald Wednesday, February 17, 2016 5:23 AM
    Wednesday, February 17, 2016 4:08 AM
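
The error text quoted in the question is the generic outer message of a WCF `CommunicationException`; the concrete transport failure is carried in its `InnerException` chain. The following is an added example, not code from the original post: a .NET 4.0-compatible client-side wrapper that logs that chain with a UTC timestamp and never reuses a faulted proxy. `ServiceCallDiagnostics`, `Describe`, `Call` and the `create`/`call`/`log` delegates are hypothetical names; `create` is assumed to build the generated client and set its `ClientCredentials` as the question does.

```csharp
using System;
using System.Net;
using System.Net.Sockets;
using System.ServiceModel;
using System.Text;

// Added example: hypothetical helper, not part of the original post.
public static class ServiceCallDiagnostics
{
    // Flattens the InnerException chain so the log shows the concrete failure
    // (WebExceptionStatus, socket error code) behind the generic WCF message.
    public static string Describe(Exception ex)
    {
        var sb = new StringBuilder();
        for (Exception e = ex; e != null; e = e.InnerException)
        {
            sb.Append(e.GetType().Name).Append(": ").Append(e.Message);
            var web = e as WebException;
            if (web != null) sb.Append(" [WebExceptionStatus=").Append(web.Status).Append("]");
            var sock = e as SocketException;
            if (sock != null) sb.Append(" [SocketError=").Append(sock.SocketErrorCode).Append("]");
            sb.AppendLine();
        }
        return sb.ToString();
    }

    // Runs one service call on a freshly created proxy. On any failure the full
    // chain is logged and the channel is aborted, so a faulted proxy is not reused.
    public static TResult Call<TClient, TResult>(
        Func<TClient> create, Func<TClient, TResult> call, Action<string> log)
        where TClient : class, ICommunicationObject
    {
        TClient client = create();
        try
        {
            TResult result = call(client);
            client.Close();
            return result;
        }
        catch (Exception ex)
        {
            // UTC timestamp lets the entry be matched against server-side logs.
            log(DateTime.UtcNow.ToString("o") + " " + Describe(ex));
            client.Abort();
            throw;
        }
    }
}
```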

Answers