WCF 错误“这可能是由于服务器证书在 HTTPS 情况下没有使用 HTTP.SYS 正确配置" [英] WCF Error "This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case"
问题描述
我在使用从 Windows 服务到 Web 服务器上运行的 WCF 服务的 WCF 调用时遇到问题.此电话已工作数周,但突然停止工作,此后一直没有工作.
I'm having a problem using a WCF call from a Windows service to my WCF service running on my web server. This call has been working for a number of weeks, but then stopped working all of a sudden, and has not worked since.
我得到的例外是:
发生一般错误 System.ServiceModel.CommunicationException: 发出 HTTP 请求时出错
General Error Occurred System.ServiceModel.CommunicationException: An error occurred while making the HTTP request
然后它说
这可能是因为在 HTTPS 情况下服务器证书没有正确配置 HTTP.SYS.这也可能是由于客户端和服务器之间的安全绑定不匹配造成的.
This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.
我在两端使用的安全性是 wsHttpBinding,没有任何类型的加密.它也只是使用 HTTP - 而不是 HTTPS,所以我不确定为什么它会抱怨 HTTPS.
The security I'm using on both ends is wsHttpBinding, without any kind of encryption. It also is just using HTTP - not HTTPS, so I'm not sure why it's complaining about HTTPS.
内部异常堆栈的其余部分是:
The rest of the inner exception stack is:
SystemNet.WebException:基础连接已关闭:发送时发生意外错误.---> System.IO.IOException: 无法将数据写入传输连接:提供的参数无效.---> System.Net.Sockets.SocketException:System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[] buffers, SocketFlags socketFlags) at System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSize[]) 提供了无效参数缓冲区)
SystemNet.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to write data to the transport connection: An invalid argument was supplied. ---> System.Net.Sockets.SocketException: An invalid argument was supplied at System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[] buffers, SocketFlags socketFlags) at System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSize[] buffers)
我还应该注意,我的程序中发生这种情况的点是在调用 Web 服务的执行"行上 - 也就是说,只要我调用 Web 服务并将其传递给包装好的 DataContract物体,它会爆炸.
I should also note that the point in my program where this occurs is on the "Execute" line of the call to the web service - that is, right as soon as I call the web service and pass it the wrapped up DataContract object, it blows up.
这个服务所做的只是传递大量的 XML(作为 .NET 对象传递给客户端的调用),然后它会处理一些工作.大概有 100-200k 的 XML 正在传输.我已将两端的数据大小限制提高到超过 6 兆,但这似乎没有帮助.
All this service is doing is getting passed a large amount of XML (passed as a .NET object to the call on the client side), which it then does some work with. Probably about 100-200k of XML is being transmitted. I've raised the limits for the data sizes on both ends to over 6 megs, but that didn't seem to help.
有什么想法吗?
有关此问题的更多信息:
Some more information on this issue:
我们在本地复制客户端环境的时候,发现不能上传大量的XML,除非我们做如下修改:1. 在服务器上,将maxRequestLength"设置为 100 MB(比我们发送的要高)2.在客户端,我们将dataContractSerializer标签下的maxItemsInObjectGraph的值设置为2147483646".
When we duplicate the client environment locally, we find that we cannot upload large amounts of XML unless we make the following changes: 1. On the server, set the "maxRequestLength" to 100 MB (way higher than we are sending) 2. On the client, we set the value of maxItemsInObjectGraph under the dataContractSerializer tag to "2147483646".
通过这些更改,我们的本地安装成功上传.但是,客户端在其服务器上的安装仍然失败.值得注意的是,一旦我们在服务器上更改了 maxRequestLength 值,我们的测试安装就开始抛出一个与 maxItemsInObjectGraph 设置相关的错误.而在我们客户端的服务器上,仍然发生原始的HTTP.sys"错误.
With these changes, our local installation uploads successfully. However, the client's install on their server still fails. What interesting to note is that once we made the maxRequestLength value change on the server, our test installation started throwing an error specifically relating to the maxItemsInObjectGraph setting. Whereas on our client's server, still the original "HTTP.sys" error is happening.
正如我之前提到的,我们根本没有使用 SSL,还有 2 个其他 Web 服务调用以相同的方式执行和上传 XML.然而,由于非工作服务调用传输的数据更多,这似乎是一个大小问题.
As I noted before, we are not using SSL at all, and there are 2 other web services calls that execute and upload XML in the same way. However, since the non-working service call transmits more data, this appears to be a size issue.
但是,如果客户端遇到的问题与我们的测试安装遇到的问题相同,我不明白为什么客户端错误消息与 ObjectGraph 错误无关.
However, if the issue the client is having were the same one our test install had, I don't get why the client error message wouldn't be related to the ObjectGraph error.
是否有可能我们只是为客户端上的每个可能的错误获取通用的无效参数"HTTP.sys"错误(即它确实也收到了 objectGraph 错误,但只是没有显示它?)
Is it possible that we're just getting the generic "invalid parameter" "HTTP.sys" error for every possible error on the client (ie. it's really getting the objectGraph error too, but just isn't showing it?)
推荐答案
我们遇到了这个问题,因为主机服务器已更新为使用 TLS V1.2,并且我们使用标准 SSL 进行连接.这是作为网站渗透测试的一部分进行的更新.我们在代码连接中看到了这个问题,但在转到 wsdl 的浏览器中没有看到.以下代码已解决:
We had this issue as the host server had been updated to use TLS V1.2 and we were connecting using standard SSL. This was an update made as part of pen testing of the sites. We saw the issue in code connection, but not browsers going to the wsdl. Below code resolved:
if (System.Net.ServicePointManager.SecurityProtocol == (SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls))
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
取自:如何在 .NET 中禁用 SSL 回退并仅将 TLS 用于出站连接?(贵宾犬缓解)
这篇关于WCF 错误“这可能是由于服务器证书在 HTTPS 情况下没有使用 HTTP.SYS 正确配置"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
