A call to SSPI failed, see inner exception?

  • Question

  • Hi,

    I have the following solution : 

    • WCF service hosted in Windows Service
    • WCF configured to use TCP and Protobuf
    • Channel factory is used instead of proxy class
    • SmartCard reader with NetiD (that copies certificates from card to personal storage at insert)
    • Specific certificate (2048 bit key) for service(stated in web.config)
    • Winform fat client connecting to service with WCF

    This is what I do : 

    1. Start service and client
    2. Listen on cardreader
    3. Insert the card and let NetId copy certificates to personal storage
    4. Setup communication with ChannelFactory to use one of the new certificates copied from the SmartCard
    5. Begin communication with service
    6. Service has a CustomAuthorizationPolicy_ClientService that will Evaluate the incoming message and log in the user
    7. Login is a success with the provided certificate and the next webmethod in the WCF service is triggered
    8. Webform client opens main windows and brings up a dialog
    9. I stop listening for SmartCard changes while the dialog is open, but only in my mainController. The new dialog will take over and listen to the same reader
    10. Remove card
    11. Certificates removed from private store
    12. Insert card
    13. Certificates copied to private store
    14. The same certificate(as from first connection) is used to open a new channel to the service. 
    15. Call the authentication webmethod in the WCF service.

    I now get the following exception : 

    A first chance exception of type 'System.ServiceModel.Security.SecurityNegotiationException' occurred in mscorlib.dll

    Additional information: A call to SSPI failed, see inner exception.

    InnerException : 

    The Local Security Authority cannot be contacted

       at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
       at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
       at System.ServiceModel.Channels.SslStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)

    I have also noticed that if I make a quick connect, disconnect and then connect again, I get the same exception.

    Why am I getting this? And how do I solve it?

    Monday, June 16, 2014 12:30 PM

All replies

  • Hi,

    Please try to enable WCF tracing on the service (msdn.microsoft.com/en-us/library/ms733025.aspx), it will likely give you all the necessary information. If you're on a domain, I'd assume it's something causing Kerberos to fail (like a missing or misconfigured SPN, or the base address using a hostname that doesn't match the SPN configured or is not known to the domain controllers).

    Also it will be better if you can post your config file here.

    Best Regards,
    Amy Peng


    Tuesday, June 17, 2014 6:52 AM
    Moderator
  • The WCF log says this : 

    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>262256</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2014-06-17T10:10:28.5237387Z" />
    <Source Name="System.ServiceModel" />
    <Correlation ActivityID="{75f905b8-590f-4ee7-a96c-f49b6866bd6e}" />
    <Execution ProcessName="MyApp5.WindowsService.vshost" ProcessID="7600" ThreadID="26" />
    <Channel />
    <Computer>JIMMY-PC</Computer>
    </System>
    <ApplicationData>
    <TraceData>
    <DataItem>
    <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
    <TraceIdentifier>http://msdn.microsoft.com/sv-SE/library/System.ServiceModel.Channels.TcpConnectionResetError.aspx</TraceIdentifier>
    <Description>The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'. The local IP address and port is [::1]:8035. The remote IP address and port is [::1]:59941.</Description>
    <AppDomain>MyApp5.WindowsService.vshost.exe</AppDomain>
    <ExtendedData xmlns="http://schemas.microsoft.com/2006/08/ServiceModel/MessageTraceRecord"></ExtendedData>
    <Exception>
    <ExceptionType>System.ServiceModel.CommunicationException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.SocketConnection.ConvertTransferException(SocketException socketException, TimeSpan timeout, Exception originalException, TransferOperation transferOperation, Boolean aborted, String timeoutErrorString, TransferOperation timeoutErrorTransferOperation, SocketConnection socketConnection, TimeSpan remainingTime)
    at System.ServiceModel.Channels.SocketConnection.ConvertReceiveException(SocketException socketException, TimeSpan remainingTime)
    at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
    at System.ServiceModel.Channels.SocketConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.DelegatingConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.TracingConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer, Int32 offset, Int32 count)
    at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
    at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
    at System.ServiceModel.Channels.SslStreamSecurityUpgradeAcceptor.OnAcceptUpgrade(Stream stream, SecurityMessageProperty&amp; remoteSecurity)
    at System.ServiceModel.Channels.StreamSecurityUpgradeAcceptorBase.AcceptUpgrade(Stream stream)
    at System.ServiceModel.Channels.InitialServerConnectionReader.UpgradeConnection(IConnection connection, StreamUpgradeAcceptor upgradeAcceptor, IDefaultCommunicationTimeouts defaultTimeouts)
    at System.ServiceModel.Channels.ServerSessionPreambleConnectionReader.ServerFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
    at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
    at System.ServiceModel.Channels.CommunicationObject.Open()
    at System.ServiceModel.Dispatcher.ChannelHandler.OpenAndEnsurePump()
    at System.ServiceModel.Dispatcher.ChannelHandler.OpenAndEnsurePump(Object state)
    at System.Runtime.ActionItem.DefaultActionItem.TraceAndInvoke()
    at System.Runtime.ActionItem.DefaultActionItem.Invoke()
    at System.Runtime.ActionItem.CallbackHelper.InvokeWithoutContext(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'. ---&gt; System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
       --- End of inner exception stack trace ---</ExceptionString>
    <InnerException>
    <ExceptionType>System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>An existing connection was forcibly closed by the remote host</Message>
    <StackTrace>
    at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
    at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
    </StackTrace>
    <ExceptionString>System.Net.Sockets.SocketException (0x80004005): An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)</ExceptionString>
    <NativeErrorCode>2746</NativeErrorCode>
    </InnerException>
    </Exception>
    </TraceRecord>
    </DataItem>
    </TraceData>
    </ApplicationData>
    </E2ETraceEvent>
    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>131075</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2014-06-17T10:10:28.5237387Z" />
    <Source Name="System.ServiceModel" />
    <Correlation ActivityID="{75f905b8-590f-4ee7-a96c-f49b6866bd6e}" />
    <Execution ProcessName="MyApp5.WindowsService.vshost" ProcessID="7600" ThreadID="26" />
    <Channel />
    <Computer>JIMMY-PC</Computer>
    </System>
    <ApplicationData>
    <TraceData>
    <DataItem>
    <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
    <TraceIdentifier>http://msdn.microsoft.com/sv-SE/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier>
    <Description>Throwing an exception.</Description>
    <AppDomain>MyApp5.WindowsService.vshost.exe</AppDomain>
    <Exception>
    <ExceptionType>System.ServiceModel.CommunicationException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
    at System.ServiceModel.Channels.SocketConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.DelegatingConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.TracingConnection.Read(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)
    at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer, Int32 offset, Int32 count)
    at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
    at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
    at System.ServiceModel.Channels.SslStreamSecurityUpgradeAcceptor.OnAcceptUpgrade(Stream stream, SecurityMessageProperty&amp; remoteSecurity)
    at System.ServiceModel.Channels.StreamSecurityUpgradeAcceptorBase.AcceptUpgrade(Stream stream)
    at System.ServiceModel.Channels.InitialServerConnectionReader.UpgradeConnection(IConnection connection, StreamUpgradeAcceptor upgradeAcceptor, IDefaultCommunicationTimeouts defaultTimeouts)
    at System.ServiceModel.Channels.ServerSessionPreambleConnectionReader.ServerFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
    at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
    at System.ServiceModel.Channels.CommunicationObject.Open()
    at System.ServiceModel.Dispatcher.ChannelHandler.OpenAndEnsurePump()
    at System.ServiceModel.Dispatcher.ChannelHandler.OpenAndEnsurePump(Object state)
    at System.Runtime.ActionItem.DefaultActionItem.TraceAndInvoke()
    at System.Runtime.ActionItem.DefaultActionItem.Invoke()
    at System.Runtime.ActionItem.CallbackHelper.InvokeWithoutContext(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'. ---&gt; System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
       --- End of inner exception stack trace ---</ExceptionString>
    <InnerException>
    <ExceptionType>System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>An existing connection was forcibly closed by the remote host</Message>
    <StackTrace>
    at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
    at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
    </StackTrace>
    <ExceptionString>System.Net.Sockets.SocketException (0x80004005): An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)</ExceptionString>
    <NativeErrorCode>2746</NativeErrorCode>
    </InnerException>
    </Exception>
    </TraceRecord>
    </DataItem>
    </TraceData>
    </ApplicationData>
    </E2ETraceEvent>

    The service config looks like this : 

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <configSections>
        <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
        <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
      </configSections>
      <connectionStrings>
        ...
      </connectionStrings>
      <appSettings>
        ...
      </appSettings>
      <system.serviceModel>
        <extensions>
          <behaviorExtensions>
            <add name="protobuf" type="ProtoBuf.ServiceModel.ProtoBehaviorExtension, protobuf-net, Version=2.0.0.580, Culture=neutral, PublicKeyToken=257b51d87d2e4d67" />
            <add name="customBehaviorExtension_Integration" type="myApp.ServiceImplementation.CustomRequestInterceptorBehaviorExtension_Integration, myApp.ServiceImplementation" />
            <add name="customBehaviorExtension_ClientService" type="myApp.ServiceImplementation.CustomRequestInterceptorBehaviorExtension_ClientService, myApp.ServiceImplementation" />
          </behaviorExtensions>
        </extensions>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
        <behaviors>
          <serviceBehaviors>
            <behavior name="myApp.ServiceImplementation.myAppIntegration_Behavior">
              <dataContractSerializer maxItemsInObjectGraph="2147483647" />
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceMetadata httpGetEnabled="true" />
              <customBehaviorExtension_Integration />
            </behavior>
            <behavior name="myAppClientService.CustomValidator_Behavior">
              <dataContractSerializer maxItemsInObjectGraph="2147483647" />
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceMetadata httpGetEnabled="true" />
              <customBehaviorExtension_ClientService />
              <serviceThrottling maxConcurrentCalls="2000" maxConcurrentSessions="2147483647" maxConcurrentInstances="2000" />
              <serviceCredentials>
                <clientCertificate>
                  <authentication certificateValidationMode="PeerOrChainTrust" />
                </clientCertificate>
                <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="myApp.ServiceImplementation.CustomUsernamePasswordValidator, myApp.ServiceImplementation" />
              </serviceCredentials>
              <serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="myApp.ServiceImplementation.CustomServiceAuthorizationManager, myApp.ServiceImplementation">
                <authorizationPolicies>
                  <add policyType="myApp.ServiceImplementation.CustomAuthorizationPolicy_ClientService, myApp.ServiceImplementation" />
                </authorizationPolicies>
              </serviceAuthorization>
            </behavior>
            <behavior name="myAppClientService.Certificate_Behavior">
              <dataContractSerializer maxItemsInObjectGraph="2147483647" />
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceMetadata httpGetEnabled="true" />
              <customBehaviorExtension_ClientService />
              <serviceThrottling maxConcurrentCalls="2000" maxConcurrentSessions="2147483647" maxConcurrentInstances="2000" />
              <serviceCredentials>
                <clientCertificate>
                  <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck" />
                </clientCertificate>
                <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="myApp.ServiceImplementation.CustomUsernamePasswordValidator, myApp.ServiceImplementation" />
                <serviceCertificate findValue="myApp4.sll.se" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
              </serviceCredentials>
              <serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="myApp.ServiceImplementation.CustomServiceAuthorizationManager, myApp.ServiceImplementation">
                <authorizationPolicies>
                  <add policyType="myApp.ServiceImplementation.CustomAuthorizationPolicy_ClientService, myApp.ServiceImplementation" />
                </authorizationPolicies>
              </serviceAuthorization>
            </behavior>
            <behavior name="myApp.ServiceImplementation.HL7Service_Behavior">
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceMetadata httpGetEnabled="true" externalMetadataLocation="..\Schema\HL7\DIPS\IHl7Service.wsdl" />
              <customBehaviorExtension_Integration />
            </behavior>
          </serviceBehaviors>
          <endpointBehaviors>
            <behavior name="protoEndpointBehavior">
              <protobuf />
            </behavior>
          </endpointBehaviors>
        </behaviors>
        <services>
          <service behaviorConfiguration="myApp.ServiceImplementation.myAppIntegration_Behavior" name="myApp.ServiceImplementation.myAppIntegration">
            <endpoint binding="basicHttpBinding" bindingConfiguration="BasicmyAppIntegration" bindingNamespace="myApp.ServiceImplementation" contract="myApp.ServiceContracts.ImyAppIntegration" />
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:8003/myApp5Service/Integration" />
              </baseAddresses>
            </host>
          </service>
          <service behaviorConfiguration="myAppClientService.Certificate_Behavior" name="myApp.ServiceImplementation.myAppClientService">
            <endpoint binding="netTcpBinding" bindingConfiguration="netTcpRegular" address="Regular" bindingNamespace="http://myApp.ServiceContracts/2007/11" contract="myApp.ServiceContracts.ImyAppClientService" />
            <endpoint binding="netTcpBinding" bindingConfiguration="netTcpRegular" behaviorConfiguration="protoEndpointBehavior" address="Proto" bindingNamespace="http://myApp.ServiceContracts/2007/11" contract="myApp.ServiceContracts.ImyAppClientService" />
            <endpoint binding="netTcpBinding" bindingConfiguration="netTcpWindowMessageSecurity" address="Windows" bindingNamespace="http://myApp.ServiceContracts/2007/11" contract="myApp.ServiceContracts.ImyAppClientService" />
            <endpoint binding="netTcpBinding" bindingConfiguration="netTcpCertificate" behaviorConfiguration="protoEndpointBehavior" bindingNamespace="http://myApp.ServiceContracts/2007/11" contract="myApp.ServiceContracts.ImyAppClientService" address="Sll"/>
            <host>
              <baseAddresses>
                <add baseAddress="net.tcp://localhost:8035/myApp5Service/Client/" />
                <add baseAddress="http://localhost:8002/myApp5Service/Client" />
              </baseAddresses>
            </host>
          </service>
          <!--Service for HL7-->
          <service behaviorConfiguration="myApp.ServiceImplementation.HL7Service_Behavior" name="myApp.ServiceImplementation.HL7Service">
            <endpoint binding="basicHttpBinding" bindingConfiguration="BasicBindingHL7" contract="IHL7Service" />
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:8004/myApp5Service/Hl7" />
              </baseAddresses>
            </host>
          </service>
        </services>
        <bindings>
          <netTcpBinding>
            <binding name="netTcpCertificate" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
              <security mode="Transport">
                <transport clientCredentialType="Certificate" />
                <message clientCredentialType="Certificate" />
              </security>
            </binding>
            <binding name="netTcpWindowMessageSecurity" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
              <security mode="Message">
                <message clientCredentialType="Windows" />
              </security>
            </binding>
            <!---->
            <binding name="netTcpRegular" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
              <security mode="None">
                <transport clientCredentialType="None" />
              </security>
            </binding>
          </netTcpBinding>
          <customBinding>
            <binding name="UsernamePasswordOverHttp">
              <textMessageEncoding messageVersion="Soap11" />
              <security authenticationMode="UserNameOverTransport" messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" allowInsecureTransport="true" />
              <httpsTransport />
            </binding>
          </customBinding>
          <basicHttpBinding>
            <binding name="BasicmyAppIntegration" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <security mode="None" />
            </binding>
            <binding name="BasicBindingHL7" allowCookies="true" closeTimeout="04:00:00" openTimeout="04:00:00" receiveTimeout="04:00:00" sendTimeout="04:00:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <security mode="None">
                <transport clientCredentialType="None" />
              </security>
            </binding>
          </basicHttpBinding>
        </bindings>
      </system.serviceModel>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
      </startup>
      <system.net>
      </system.net>
      <entityFramework>
        <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
        <providers>
          <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
        </providers>
      </entityFramework>
    </configuration>

    I still can't understand why this is not working?

    Tuesday, June 17, 2014 10:25 AM
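
Added example (not part of the original thread or of the poster's code): a Python script that reads WCF trace records like the two posted above, groups them by ActivityID, unwinds the exception chain and reports whether the failure happened inside the TLS handshake. The sample records are constructed, shortened copies of the posted events, and all function names are illustrative.

```python
import re
import xml.etree.ElementTree as ET

NS = {
    "e2e": "http://schemas.microsoft.com/2004/06/E2ETraceEvent",
    "sys": "http://schemas.microsoft.com/2004/06/windows/eventlog/system",
    "tr": "http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord",
}
# Stack frames that place a failure inside the TLS handshake.
HANDSHAKE_FRAMES = ("SslStream.AuthenticateAsServer", "SslStream.AuthenticateAsClient")

# Constructed sample: a shortened copy of one posted record, emitted twice
# with the two EventIDs seen in the thread (same ActivityID and timestamp).
_EVENT = """
<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
<EventID>@ID@</EventID>
<TimeCreated SystemTime="2014-06-17T10:10:28.5237387Z" />
<Correlation ActivityID="{75f905b8-590f-4ee7-a96c-f49b6866bd6e}" />
</System>
<ApplicationData><TraceData><DataItem>
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
<Exception>
<ExceptionType>System.ServiceModel.CommunicationException, System.ServiceModel, Version=4.0.0.0</ExceptionType>
<Message>The socket connection was aborted.</Message>
<StackTrace>
at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset)
at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate)
at System.ServiceModel.Channels.SslStreamSecurityUpgradeAcceptor.OnAcceptUpgrade(Stream stream, SecurityMessageProperty&amp; remoteSecurity)
</StackTrace>
<InnerException>
<ExceptionType>System.Net.Sockets.SocketException, System, Version=4.0.0.0</ExceptionType>
<Message>An existing connection was forcibly closed by the remote host</Message>
<StackTrace>
at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
</StackTrace>
<NativeErrorCode>2746</NativeErrorCode>
</InnerException>
</Exception>
</TraceRecord>
</DataItem></TraceData></ApplicationData>
</E2ETraceEvent>
"""
SAMPLE = _EVENT.replace("@ID@", "262256") + _EVENT.replace("@ID@", "131075")


def parse_events(svclog_text):
    """Return the E2ETraceEvent elements from trace text.

    Trace output is a run of sibling <E2ETraceEvent> elements with no single
    root, so it is wrapped in one before being given to a strict XML parser.
    """
    body = re.sub(r"<\?xml[^>]*\?>", "", svclog_text)
    root = ET.fromstring("<root>" + body + "</root>")
    return root.findall("e2e:E2ETraceEvent", NS)


def frames(stack_text):
    """Extract fully qualified method names from a .NET stack trace."""
    found = []
    for line in stack_text.splitlines():
        match = re.match(r"\s*at\s+([^\s(]+)\(", line)
        if match:
            found.append(match.group(1))
    return found


def exception_chain(exc):
    """Walk Exception -> InnerException -> ... and flatten it, outermost first."""
    chain = []
    while exc is not None:
        chain.append({
            "type": exc.findtext("tr:ExceptionType", "", NS).split(",")[0].strip(),
            "message": exc.findtext("tr:Message", "", NS).strip(),
            "native": exc.findtext("tr:NativeErrorCode", None, NS),
            "frames": frames(exc.findtext("tr:StackTrace", "", NS)),
        })
        exc = exc.find("tr:InnerException", NS)
    return chain


def summarize(event):
    """Reduce one trace event to the fields needed for triage."""
    system = event.find("sys:System", NS)
    record = event.find(".//tr:TraceRecord", NS)
    exc = record.find("tr:Exception", NS) if record is not None else None
    chain = exception_chain(exc)
    top = chain[0]["frames"] if chain else []
    return {
        "event_id": system.findtext("sys:EventID", "", NS),
        "time": system.find("sys:TimeCreated", NS).get("SystemTime"),
        "activity": system.find("sys:Correlation", NS).get("ActivityID"),
        "chain": [(c["type"], c["native"]) for c in chain],
        "root_message": chain[-1]["message"] if chain else "",
        # Set when the outer stack passes through the TLS handshake.
        "handshake_frame": next((f for f in top if f.endswith(HANDSHAKE_FRAMES)), None),
    }


def incidents(svclog_text):
    """Collapse records that share an ActivityID into one incident each."""
    grouped = {}
    for event in parse_events(svclog_text):
        summary = summarize(event)
        incident = grouped.setdefault(summary["activity"], {**summary, "event_ids": []})
        incident["event_ids"].append(summary["event_id"])
    return list(grouped.values())


if __name__ == "__main__":
    for inc in incidents(SAMPLE):
        print(inc["time"], inc["event_ids"], inc["handshake_frame"], inc["root_message"])
```

Run over the posted records, this yields a single incident: both EventIDs share one ActivityID, and the service was still inside `SslStream.AuthenticateAsServer` when the peer closed the socket.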
  • Here is the client config : 

    <?xml version="1.0"?>
    <!--1-->
    <configuration>
      <configSections>
        <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <section name="myService.Client.Main.Skins.myServiceSkinSettings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false"/>
          <section name="myService.Client.Main.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false"/>
        </sectionGroup>
        <sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <section name="myService.Client.Main.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false"/>
        </sectionGroup>
      </configSections>
      <system.serviceModel>
        <extensions>
          <behaviorExtensions>
            <add name="CustomMessageInspector" type="myService.Common.CustomMessageInspectorExtensionElement, myService.Common" />
            <add name="protobuf" type="ProtoBuf.ServiceModel.ProtoBehaviorExtension, protobuf-net, Version=2.0.0.580, Culture=neutral"/>
          </behaviorExtensions>
        </extensions>
        <behaviors>
          <endpointBehaviors>
            <behavior name="protoCertificateEndpointBehavior">
              <clientCredentials>
                <clientCertificate findValue="myServiceClient" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/>
                <serviceCertificate>
                  <authentication certificateValidationMode="ChainTrust"/>
                </serviceCertificate>
              </clientCredentials>
              <CustomMessageInspector/>
              <protobuf/>
            </behavior>
            <behavior name="protoEndpointBehavior">
              <CustomMessageInspector/>
              <protobuf/>
            </behavior>
            <behavior name="BasicBehavior">
              <CustomMessageInspector/>
              <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
            </behavior>
          </endpointBehaviors>
        </behaviors>
        <bindings>
          <netTcpBinding>
            <binding name="netTcpCertificate" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false"/>
              <security mode="Transport">
                <transport clientCredentialType="Certificate"/>
                <message clientCredentialType="Certificate"/>
              </security>
            </binding>
            <binding name="NetTcpBinding_ImyServiceClientServiceRegular" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="10" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false"/>
              <security mode="None">
                <transport clientCredentialType="None"/>
              </security>
            </binding>
            <binding name="NetTcpBinding_ImyServiceClientServiceWindows" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="10" maxReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
              <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false"/>
              <security mode="Message">
                <message clientCredentialType="Windows"/>
              </security>
            </binding>
          </netTcpBinding>
        </bindings>
        <client>
          <endpoint address="net.tcp://localhost:8035/myService5Service/Client/Sll" behaviorConfiguration="protoCertificateEndpointBehavior" binding="netTcpBinding" bindingConfiguration="netTcpCertificate" contract="myService.ServiceContracts.ImyServiceClientService" name="Utveckling_Certificate">
            <identity>
              <dns value="myService4.sll.se"></dns>
            </identity>
          </endpoint>
        </client>
      </system.serviceModel>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
      </startup>
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <dependentAssembly>
            <assemblyIdentity name="EnvDTE" publicKeyToken="B03F5F7F11D50A3A" culture="neutral"/>
            <bindingRedirect oldVersion="0.0.0.0-8.0.0.0" newVersion="8.0.0.0"/>
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
    </configuration>
    

    Tuesday, June 17, 2014 10:29 AM
  • Hi,

    >>The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '10675199.02:48:05.4775807'. The local IP address and port is [::1]:8035. The remote IP address and port is [::1]:59941.

    The exception indicates that the service connection seems to get aborted at the server side.

    Please try to set the security mode in the client and server to none to see if it helps.

    If it works, then there will be something wrong with the authentication.

    If it does not work, then it seems that your service is not working.

    Best Regards,
    Amy Peng


    Tuesday, July 1, 2014 11:37 AM
    Moderator
  • Hi,

    With some work I managed to remove the security (None) and still log in with the same code. This works great, even the second and third time. I do not have to enter the code for the certificate, but this is to be expected when turning off security.

    As soon as I turn on the security again I get the SSPI exception the second time I try to connect to the service?

    I'm using (as far as I know) the exact same code to do the second and third connection, so why is it working the first but not the last?

    I have checked that the same certificate is used for communication all of the times.

    Friday, July 4, 2014 9:56 AM
  • If I place this code:

    Process.Start(Application.StartupPath + "\\MyCode.exe");
    Process.GetCurrentProcess().Kill();

    It always works, but it does not feel right? I suspect that there is something left in memory that makes the handshake fail a second time and that this is cleared when doing a restart instead of just creating a new Channel(factory).

    Friday, July 4, 2014 12:59 PM