Hosted WCF on azure app service not responding to client app service

Muhammad Usman Khalil 1 Reputation point
2021-09-12T09:40:18.123+00:00

Hallo,

I am facing the strange problem of WCF service hosted as an app service over Azure. Somehow this client app service is not able to communicate with the Azure App service.

I already deployed the test ( sample ) app service and test sample client app service and they are communicating perfectly.

Following is the exception

" Problem during mgmt frontend component registration! 2021/09/12 08:59:08.111 [ERROR] System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://ahponeserver.azurewebsites.net/AHPFrontendService.svc/FES3. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host"

Following is the Web.config of the WCF Server.

 <?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    <add key="CryptoKey" value="9878237hsde8zh3299h43h" />
    <add key="AppTitle" value="Service in DEV" />
    <add key="ahpDefaultISOCode" value="EN" />
    <add key="ahpExposeTestController" value="true"/>
    <!--Database Settings-->
    <add key="databaseServer" value="APDV0710" />
    <add key="database" value="AHPOneConfig" />
    <add key="databaseUser" value="AHPOneConfigD13" />
    <add key="databaseUserPassword" value="qx5ZB2xVfEf5gnDtIdzRGAxcpA9g6fNvNdv63gxR2Bo=" />
    <add key="AllowActivation" value="uzuftuGUH3H6bvn41IB7x1Xo/v72atlXdE543qcSRlI=" />
  </appSettings>


  <system.web>
    <compilation debug="true" targetFramework="4.7.2" />
    <httpRuntime targetFramework="4.7.2" />
  </system.web>

  <system.serviceModel>
    <diagnostics>
      <messageLogging logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" />
    </diagnostics>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBindingWindows">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>

          <wsHttpBinding>
            <binding name="wsHttpBindingUsername">
              <reliableSession enabled="true" inactivityTimeout="00:30:00" />
              <security mode="Message">
                <message clientCredentialType="UserName" />
              </security>
            </binding>

            <binding name="wsHttpBindingWindows">
              <security mode="Transport">
                <transport clientCredentialType="None"></transport>
                <!--message clientCredentialType="Windows" establishSecurityContext="false" negotiateServiceCredential="false" /-->
              </security>
            </binding>

            <binding name="wsHttpEndpointBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
              <security mode="TransportWithMessageCredential">
                <transport clientCredentialType="None" />
                <message clientCredentialType="UserName" />
              </security>
            </binding>

            <!-- old -->
            <!--<binding name="wsHttpBindingWindows">
              <security mode="Transport">
                <transport clientCredentialType="Windows"/>
              </security>
            </binding>-->
          </wsHttpBinding>

      <!-- Start new entry for external interface -->
      <webHttpBinding>
        <binding>
          <security mode="Transport" />
        </binding>
      </webHttpBinding>
      <!-- End new entry for external interface -->

    </bindings>   

    <behaviors>

      <!-- Start new entry for external interface  -->
      <endpointBehaviors>
        <behavior name="restfulBehavior">
          <webHttp />
        </behavior>
      </endpointBehaviors>
      <!-- End new entry for external interface -->

      <serviceBehaviors>
        <!-- Start new entry for external interface -->
        <behavior name="restfullServiceBehavior">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
        <!-- End new entry for external interface -->

        <!-- Custom Authentication Windows -->
        <behavior name="windowsValidation2">
          <serviceThrottling maxConcurrentCalls="300" maxConcurrentSessions="2000" maxConcurrentInstances="2000" />
          <serviceMetadata httpGetEnabled="True" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>

        <!-- Custom Authentication UsernamePassword -->
        <behavior name="CustomUsernameValidation2">
          <serviceThrottling maxConcurrentCalls="300" maxConcurrentSessions="2000" maxConcurrentInstances="2000" />
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <!--Specify the Custom Authentication policy that will be used and add the policy location-->
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ahpFrontendWCFService.ServiceImplementation.UserAuthentication,ahpFrontendWCFService" />
          </serviceCredentials>
        </behavior>

        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

    <services>

       <service name="ahpFrontendWCFService.AHPFrontendServiceWindows" 
               behaviorConfiguration="windowsValidation2">
        <endpoint name="FES2"
                  address="FES2"
                  binding="wsHttpBinding"
                  contract="ahpFrontendWCFService.IAHPFrontendServiceV1"
                  bindingConfiguration="wsHttpBindingWindows"/>
      </service>

      <service name="ahpFrontendWCFService.AHPFrontendService"
               behaviorConfiguration="CustomUsernameValidation2">
        <endpoint name="FES3"
                  address="FES3"
                  binding="wsHttpBinding"
                  bindingConfiguration="wsHttpEndpointBinding"
                  contract="ahpFrontendWCFService.IAHPFrontendServiceV1"/>
      </service>

       <!--Start new entry for reporting interface--> 
     <service name="ahpFrontendWCFService.AHPReportingService" 
               behaviorConfiguration="CustomUsernameValidation2">
        <endpoint name="FES3"
                  address="FES3"
                  binding="wsHttpBinding"
                  contract="ahpFrontendWCFService.IAHPReportingService"
                  bindingConfiguration="wsHttpEndpointBinding" />
      </service>
       <!--End new entry for reporting interface 

       Start new entry for external interface--> 
      <service name="ahpFrontendWCFService.AHPExternalService"
               behaviorConfiguration="restfullServiceBehavior">
        <endpoint binding="webHttpBinding"
                  contract="ahpFrontendWCFService.IAHPExternalService"
                  behaviorConfiguration="restfulBehavior"/>
      </service>
       <!--End new entry for external interface 

       Start new entry for external interface--> 
      <service name="ahpFrontendWCFService.AHPSetupService"
               behaviorConfiguration="restfullServiceBehavior">
        <endpoint binding="webHttpBinding"
                  contract="ahpFrontendWCFService.IAHPSetupService"
                  behaviorConfiguration="restfulBehavior"/>
      </service>
      <!-- End new entry for external interface -->


    </services>


    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>

    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
        To browse web app root directory during debugging, set the value below to true.
        Set to false before deployment to avoid disclosing web app folder information.
      -->
    <directoryBrowse enabled="true" />
  </system.webServer>

  <location path="AHPOne/Proxy">
    <system.webServer>
      <handlers>
        <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
        <remove name="OPTIONSVerbHandler" />
        <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      </handlers>
      <httpProtocol>
        <customHeaders>
          <!-- <add name="Access-Control-Allow-Origin" value="*" />  this header is added through api controller class -->
          <add name="Access-Control-Allow-Headers" value="Authorization" />
          <add name="Access-Control-Allow-Credentials" value="true" />
        </customHeaders>
      </httpProtocol>
    </system.webServer>
  </location>

  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

Following is the web.config for the client app service ( Only pasting relavent part from that web.config )

<system.serviceModel>
<!-- username binding-->
<bindings>
<wsHttpBinding>
<binding name="FES3" maxBufferPoolSize="500000000" maxReceivedMessageSize="500000000" sendTimeout="00:20:00">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"/>
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://ahponeserver.azurewebsites.net/AHPFrontendService.svc/FES3" binding="wsHttpBinding" bindingConfiguration="FES3"
contract="Ahp.Frontend.Shared.WCFProxyClasses.ahpFrontendService" name="FES3"/>
</client>
</system.serviceModel>

I don't know how to figure out what's the issue. What could be the way to get rid of this problem?

Are some certificates needed to set up? is there any issue in configuration?

Would be ahppy to have some ideas.

.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,524 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,479 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jiayao Wu-MSFT 186 Reputation points Microsoft Vendor
    2021-09-13T07:12:15.01+00:00

    Hi @Muhammad Usman Khalil ,
    If your server has been updated to use TLS V1.2 and use standard SSL connections, maybe you can try updating it using the following code:

    if (System.Net.ServicePointManager.SecurityProtocol == (SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls))  
        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;  
    

    Sincerely,
    Jiayao

    ------------------------------------------------------------------------------------------------------------------------------------------------------

    If the answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.