Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • James 7 posts 99 karma points
    Jun 17, 2016 @ 13:28
    James
    0

    .Net & Umbraco communication between servers

    Hi there, I have an install of Umbraco (7.4.3) on a stage and live environment and was using Courier (2.52.7) to sync between the two successfuly. However, the servers have been locked down to only TLS1.2 and now I get the below error when trying to sync:

    System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm
    at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
    at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
    at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
    at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
    at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
    at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
    at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
    at System.Net.ConnectStream.WriteHeaders(Boolean async)
    

    Has anyone come accross this before as i've been going around in circles for weeks!?

    Thanks

    J

    ------------ UPDATE --------------

    We believe that this might be a .Net problem with version 4.6 using TLS1.2. The MS page here has some information around it: https://support.microsoft.com/en-gb/kb/3069494 They recommend adding this to the website::

    Programmatically: Must be the very first thing the application does because ServicePointManager will initialize only once. Use the following code example in your application:
    private const string DisableCachingName = @"TestSwitch.LocalAppContext.DisableCaching";
            private const string DontEnableSchUseStrongCryptoName = @"Switch.System.Net.DontEnableSchUseStrongCrypto";
            AppContext.SetSwitch(DisableCachingName, true);
            AppContext.SetSwitch(DontEnableSchUseStrongCryptoName, true);
    By using the AppConfig file for your application: Add the following line to the Appconfig file:
    <AppContextSwitchOverrides value="Switch.System.Net.DontEnableSchUseStrongCrypto=true"/>
    

    Where would I add this in an Umbraco install?

    Many thanks

  • James 7 posts 99 karma points
    Jun 30, 2016 @ 16:30
    James
    0

    I have now created two windows servers with Vanilla installs of Umbraco & Courier and still have this problem between server communication.

    Is this a known bug in Courier?

  • Owain Williams 461 posts 1351 karma points MVP 5x c-trib
    Oct 11, 2017 @ 09:23
    Owain Williams
    0

    Did you ever fix this? Currently hitting the same issue. Thanks

  • Steve Morgan 1302 posts 4352 karma points c-trib
    Oct 11, 2017 @ 13:28
    Steve Morgan
    0

    Hi,

    I think I had a similar issue with an old Windows Server 2008 box and Forms. The forms were being POSTed to SalesForce which had been locked down to TLS1.2

    I suspected the code wasn't specifying using TLS above 1.0 but there are some Registry settings to force all .NET code to use the newer TLS protocols from the server.

    I think the reg flag you want is half way down on the comments here but it was a few months ago.. so I can't remember exactly what I set but it did the trick.

    https://stackoverflow.com/questions/28286086/default-securityprotocol-in-net-4-5

    if not try here: .NET Enable SSL TLS

    HTH

    Steve

  • MuirisOG 382 posts 1283 karma points
    Oct 11, 2017 @ 14:00
    MuirisOG
    0

    We had to add an extra line of code just before communicating with an external server (not an umbraco server, and excuse the VB code).

    I'm working on putting it into the applicationstarting event as it should be a global setting.

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
    

    See here for more information

    https://stackoverflow.com/questions/26742054/the-client-and-server-cannot-communicate-because-they-do-not-possess-a-common-a/42124951#42124951

Please Sign in or register to post replies

Write your reply to:

Draft