EWS Eine vorhandene Verbindung wurde vom Remotehost geschlossen

Hallo,

ich möchte mit meiner VB.net-Anwendung Daten vom Webserver einer Maschinensteuerung abfragen und verzweifle schon am Anfang des Vorhabens.

Es gibt eine Schnittstellenbeschreibung des Herstellers. Danach soll Multicast-DNS, HTTPS (TLS 1.2) und die http-Basic-Authentifizierung verwendet werden.

Wenn ich auf meinem PC (Windows 7, KIS 2018, VS 2010) via Firefox folgende url aufrufe:

machine1/api/geraetestatus

muß ich Benutzername und Kennwort eingeben und bekomme die gewünschten Informationen angezeigt. KIS fragt vorher nach ob ich das Zertifikat akzeptieren möchte, weil: „Die Zertifikatskette ist unvollständig“.

In VB versuche ich es mit folgendem Code:

VB.NET-Quellcode

1. Dim hreq As HttpWebRequest = CType(HttpWebRequest.Create("https://machine1/api/geraetestatus"), HttpWebRequest)
2. hreq.Credentials = New System.Net.NetworkCredential("webserver", "12345678")
3. Dim hres As HttpWebResponse = CType(hreq.GetResponse(), HttpWebResponse)

Ich erhalte in der letzten Zeile die Fehlermeldung: „Die zugrunde liegende Verbindung wurde geschlossen: Unerwarteter Fehler beim Senden..“.

Was mache ich verkehrt? Muß ich mit den Zertifikaten etwas machen? Auf eine Echtheitsprüfung der Daten lege ich (erstmal) keinen Wert.
Über Hilfe würde ich mich sehr freuen!

Carsten

I have got a problem with C# and a simple HTTPS-Request...

I want to request this URL: https://api.sipgate.com/v1/ In a webbrowser it works fine, but my C#-Code doesn't work :( Has anybody an idea what I did wrong? Thank you!

using System.Net;
using System.IO;

// [...]

WebRequest req = WebRequest.Create("https://api.sipgate.com/v1");
req.ContentType = "application/json";

try {
    WebResponse res = req.GetResponse();  // Exception here...
    Stream content = res.GetResponseStream();
    Console.WriteLine((new StreamReader(content)).ReadToEnd());
} catch (Exception e) {
    Console.WriteLine(e.ToString());                
}

Here is the exception:

System.Net.WebException: Die zugrunde liegende Verbindung wurde geschlossen: Unerwarteter Fehler beim Senden.. ---> System.IO.IOException: Fehler bei Authentifizierung, da die Gegenseite den Transportstream geschlossen hat.
   bei System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   bei System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   bei System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   bei System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   bei System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   bei System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   bei System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   bei System.Net.ConnectStream.WriteHeaders(Boolean async)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Net.HttpWebRequest.GetResponse()
   bei Sipgate_Test.Program.Main(String[] args) in c:\users\abc\documents\visual studio 2017\Projects\def\hij\Program.cs:Zeile 24.

System.Net.WebException:

Error in authentication because the other side has closed the transport stream.

I have a server app and sometimes, when the client tries to connect, I get the following error:

NOTE: the "couldn't get stream from client or login failed" is a text that's added by me in catch statement

and the line at which it stops ( sThread : line 96 ) is :

tcpClient = (TcpClient)client;
clientStream = tcpClient.GetStream();
sr = new StreamReader(clientStream);
sw = new StreamWriter(clientStream);

// line 96:                 
a = sr.ReadLine();

What may be causing this problem? Note that it doesn't happen all the time

Luke Girvin

13.1k8 gold badges62 silver badges83 bronze badges

asked Mar 24, 2011 at 14:24

1

I received this error when calling a web-service. The issue was also related to transport level security. I could call the web-service through a website project, but when reusing the same code in a test project I would get a WebException that contained this message. Adding the following line before making the call resolved the issue:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

Edit

System.Net.ServicePointManager.SecurityProtocol - This property selects the version of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol to use for new connections that use the Secure Hypertext Transfer Protocol (HTTPS) scheme only; existing connections are not changed.

I believe the SecurityProtocol configuration is important during the TLS handshake when selecting the protocol version.

TLS handshake - This protocol is used to exchange all the information required by both sides for the exchange of the actual application data by TLS.

ClientHello - A client sends a ClientHello message specifying the highest TLS protocol version it supports ...

ServerHello - The server responds with a ServerHello message, containing the chosen protocol version ... The chosen protocol version should be the highest that both the client and server support. For example, if the client supports TLS version 1.1 and the server supports version 1.2, version 1.1 should be selected; version 1.2 should not be selected.

answered Mar 10, 2017 at 21:29

Hans VonnHans Vonn

3,8013 gold badges20 silver badges15 bronze badges

2

This error usually means that the target machine is running, but the service that you're trying to connect to is not available. (Either it stopped, crashed, or is busy with another request.)

In English: The connection to the machine (remote host/server/PC that the service runs at) was made but since the service was not available on that machine, the machine didn't know what to do with the request.

If the connection to the machine was not available, you'd see a different error. I forget what it is, but it's along the lines of "Service Unreachable" or "Unavailable".

Edit - added

It IS possible that this is being caused by a firewall blocking the port, but given that you say it's intermittent ("sometimes when the client tries to connect"), that's very unlikely. I didn't include that originally because I had ruled it out mentally before replying.

answered Mar 24, 2011 at 14:33

DavidDavid

71.6k17 gold badges128 silver badges172 bronze badges

7

My specific case scenario was that the Azure app service had the minimum TLS version changed to 1.2

I don't know if that's the default from now on, but changing it back to 1.0 made it work.

You can access the setting inside "SSL Settings".

answered Jul 13, 2018 at 22:00

Hugo HilárioHugo Hilário

2,7702 gold badges25 silver badges41 bronze badges

3

According to "Hans Vonn" replies.

Adding the following line before making the call resolved the issue:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

After adding Security protocol and working fine but I have to add before every API call which is not healthy. I just upgrade .net framework version at least 4.6 and working as expected do not require to adding before every API call.

answered Jan 15, 2020 at 3:30

MahiMahi

8798 silver badges17 bronze badges

1

For those who may find this later, after .NET version 4.6, I was running into this problem as well.

Make sure that you check your web.config file for the following lines:

<compilation debug="true" targetFramework="4.5">
...
<httpRuntime targetFramework="4.5" />

If you are running 4.6.x or a higher version of .NET on the server, make sure you adjust these targetFramework values to match the version of the framework on your server. If your versions read less than 4.6.x, then I would recommend you upgrade .NET and use the newer version unless your code is dependent on an older version (which, in that case, you should consider updating it).

I changed the targetFrameworks to 4.7.2 and the problem disappeared:

<compilation debug="true" targetFramework="4.7.2">
...
<httpRuntime targetFramework="4.7.2" />

The newer frameworks sort this issue out by using the best protocol available and blocking insecure or obsolete ones. If the remote service you are trying to connect to or call is giving this error, it could be that they don't support the old protocols anymore.

answered Jul 29, 2020 at 16:48

0

Calls to HTTPS services from one of our servers were also throwing the "Unable to read data from the transport connection : An existing connection was forcibly closed" exception. HTTP service, though, worked fine. Used Wireshark to see that it was a TLS handshake Failure. Ended up being that the cipher suite on the server needed to be updated.

answered Oct 2, 2015 at 14:56

JobrocolJobrocol

83610 silver badges12 bronze badges

0

This solved my problem. I added this line before the request is made:

System.Net.ServicePointManager.Expect100Continue = false;

It seemed there were a proxy in the way of the server that not supported 100-continue behavior.

answered Mar 4, 2018 at 6:40

Mahdi AtaollahiMahdi Ataollahi

4,0243 gold badges24 silver badges37 bronze badges

0

This won't help for intermittent issues, but may be useful for other people with a similar problem.

I had cloned a VM and started it up on a different network with a new IP address but not changed the bindings in IIS. Fiddler was showing me "Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host" and IE was telling me "Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings". Changing the binding to the new IP address solved it for me.

answered Mar 23, 2016 at 12:51

Jon.MozleyJon.Mozley

4031 gold badge6 silver badges12 bronze badges

0

For some reason, the connection to the server was lost. It could be that the server explicitly closed the connection, or a bug on the server caused it to be closed unexpectedly. Or something between the client and the server (a switch or router) dropped the connection.

It might be server code that caused the problem, and it might not be. If you have access to the server code, you can put some debugging in there to tell you when client connections are closed. That might give you some indication of when and why connections are being dropped.

On the client, you have to write your code to take into account the possibility of the server failing at any time. That's just the way it is: network connections are inherently unreliable.

answered Mar 24, 2011 at 14:40

Jim MischelJim Mischel

128k19 gold badges183 silver badges338 bronze badges

• I was sending the HttpWebRequest from Console App, and UserAgent was null by (default), so setting UserAgent worked along with setting SecurityProtocol.
• Should set SecurityProtocol before creating HttpWebRequest.

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

HttpWebRequest req = (HttpWebRequest)WebRequest.Create("yourpostURL");
req.UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36";

answered Sep 13, 2021 at 7:49

The webrequest user agent is null by default. Just google "block empty user agent" and you'll find a strong desire of many web server admins to do just that.

Sending my request with request.UserAgent = "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0"; fixed the issue.

TylerH

20.3k60 gold badges75 silver badges94 bronze badges

answered Aug 30, 2021 at 10:19

ExternalUseExternalUse

2,0232 gold badges23 silver badges36 bronze badges

I get that problem in the past. I'm using PostgreSQL and when I run my program, sometimes it connects and sometimes it throws an error like that.

When I experiment with my code, I put my Connection code at the very first line below the public Form. Here is an example:

BEFORE:

    public Form1()
        {
        //HERE LIES SOME CODES FOR RESIZING MY CONTROLS DURING RUNTIME
        //CODE
        //CODE AGAIN
        //ANOTHER CODE
        //CODE NA NAMAN
        //CODE PA RIN!





        //Connect to Database to generate auto number
        NpgsqlConnection iConnect = new NpgsqlConnection("Server=localhost;Port=5432;User ID=postgres;Password=pass;Database=DB");
        iConnect.Open();
        NpgsqlCommand iQuery = new NpgsqlCommand("Select * from table1", iConnect);
        NpgsqlDataReader iRead = iQuery.ExecuteReader();
        NpgsqlDataAdapter iAdapter = new NpgsqlDataAdapter(iQuery);

        DataSet iDataSet = new DataSet();
        iAdapter.Fill(iDataSet, "ID");

        MessageBox.Show(iDataSet.Tables["ID"].Rows.Count.ToString());
        }

NOW:

    public Form1()
        {
        //Connect to Database to generate auto number
        NpgsqlConnection iConnect = new NpgsqlConnection("Server=localhost;Port=5432;User ID=postgres;Password=pass;Database=DB");
        iConnect.Open();
        NpgsqlCommand iQuery = new NpgsqlCommand("Select * from table1", iConnect);
        NpgsqlDataReader iRead = iQuery.ExecuteReader();
        NpgsqlDataAdapter iAdapter = new NpgsqlDataAdapter(iQuery);

        DataSet iDataSet = new DataSet();
        iAdapter.Fill(iDataSet, "ID");

        MessageBox.Show(iDataSet.Tables["ID"].Rows.Count.ToString());





        //HERE LIES SOME CODES FOR RESIZING MY CONTROLS DURING RUNTIME
        //CODE
        //CODE AGAIN
        //ANOTHER CODE
        //CODE NA NAMAN
        //CODE PA RIN!

        }

I think that the program must read first the connection before doing anything, I don't know, correct me if I'm wrong. But according to my research, it's not a code problem - it was actually from the machine itself.

TylerH

20.3k60 gold badges75 silver badges94 bronze badges

answered Mar 23, 2017 at 6:14

System.Net.ServicePointManager.Expect100Continue = false;

This issue sometime occurs due the reason of proxy server implemented on web server. To bypass the proxy server by putting this line before calling the send service.

answered May 29, 2018 at 7:51

Tahir AlviTahir Alvi

7862 gold badges12 silver badges43 bronze badges

We had a very similar issue whereby a client's website was trying to connect to our Web API service and getting that same message. This started happening completely out of the blue when there had been no code changes or Windows updates on the server where IIS was running.

In our case it turned out that the calling website was using a version of .Net that only supported TLS 1.0 and for some reason the server where our IIS was running stopped appeared to have stopped accepting TLS 1.0 calls. To diagnose that we had to explicitly enable TLS via the registry on the IIS's server and then restart that server. These are the reg keys:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.0\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.0\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.1\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.1\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS
    1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

If that doesn't do it, you could also experiment with adding the entry for SSL 2.0:


    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
    "DisabledByDefault"=dword:00000000
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
    "DisabledByDefault"=dword:00000000
    "Enabled"=dword:00000001

My answer to another question here has this powershell script that we used to add the entries:

NOTE: Enabling old security protocols is not a good idea, the right answer in our case was to get the client website to update it's code to use TLS 1.2, but the registry entries above can help diagnose the issue in the first place.

answered Aug 24, 2018 at 12:55

tomRedoxtomRedox

26.2k22 gold badges117 silver badges149 bronze badges

The reason this was happening to me was I had a recursive dependency in my DI provider. In my case I had:

services.AddScoped(provider => new CfDbContext(builder.Options));
services.AddScoped(provider => provider.GetService<CfDbContext>());

Fix was to just remove the second scoped service registration

services.AddScoped(provider => new CfDbContext(builder.Options));

answered Dec 18, 2018 at 7:57

Had a similar problem and was getting the following errors depending on what app I used and if we bypassed the firewall / load balancer or not:

HTTPS handshake to [blah] (for #136) failed. System.IO.IOException Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host

and

ReadResponse() failed: The server did not return a complete response for this request. Server returned 0 bytes.

The problem turned out to be that the SSL Server Certificate got missed and wasn't installed on a couple servers.

answered Mar 29, 2019 at 18:38

deadlydogdeadlydog

21.5k14 gold badges105 silver badges117 bronze badges

For me, It was an issue where in the IIS binding it had the IP address of the web server. I changed it to use all unassigned IPs and my application started to work.

answered May 8, 2020 at 17:19

I experienced the error with python clr running mdx query to Microsoft analytic services using adomd

I solved it with help of Hans Vonn and here is the python version:

clr.AddReference("System.Net")
from System.Net import ServicePointManager, SecurityProtocolType 
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls

Ahmed Ali

1,79614 silver badges27 bronze badges

answered Jul 12, 2020 at 21:40

I received this error simply because I was attempting to make an http connection to an https-only server. Changing the request protocol in the URI from http to https thus resolved it.

answered Jun 30, 2021 at 10:27

david.barkhuizendavid.barkhuizen

5,0894 gold badges35 silver badges37 bronze badges

This is how I solved the issue:

                int i = 0;
                while (stream.DataAvailable == true)
                {
                    bytes[i] = ((byte)stream.ReadByte());
                    i++;
                }

                data = System.Text.Encoding.ASCII.GetString(bytes, 0, i);
                Console.WriteLine("Received: {0}", data);

answered Aug 16, 2021 at 11:14

1

I had a Third Party application (Fiddler) running to try and see the requests being sent. Closing this application fixed it for me

answered Sep 11, 2014 at 19:00

Johan AspelingJohan Aspeling

7431 gold badge12 silver badges38 bronze badges

If you have a https certificate on the domain, make sure you have the https binding to the domain name in IIS. In IIS -> Select your domain -> Click on Bindings Site Bindings Window opens up. Add a binding for https.

answered Mar 14, 2019 at 17:28

Try checking if you can establish handshake in the first place. I had this issue before when uploading a file and I only figured out that the issue was the nonexistent route when I removed the upload and checked if it can login given the parameters.

answered Aug 26, 2019 at 8:30

RaffyRaffy

3151 gold badge5 silver badges11 bronze badges

This problem occurring when the Service is Unavailable within the proxy server. We can bypass the proxy server. Before start, the service, apply this code line.

System.Net.ServicePointManager.Expect100Continue = false;

Further details

answered Jun 28, 2021 at 13:26

Chanuka Chanuka

771 silver badge3 bronze badges