none
SSL Handshake on HttpWebRequest after WebExceptionStatus.ProtocolError RRS feed

  • Question

  • Hi,

    I need help with ssl handshakes.
    I appreciate any help you can provide :)

    Tested Framework(s): .NET 4.5 (will be used), .NET 4.0 (same behavior)

    Situation: 

    - The following code is producing the following output

    - On each request, a ssl handshake will be done
        - I checked this with ServerCertificateValidationCallback
        - and also with WireShark (Client Hello, Server Hello)

    - For testing purpose, the part HandleResponse(request); was used several times. The end product will not get a response, because I dont really need it! So the method HandleResponse(request); wont be called
        - I noticed, whenever an WebException in HandleResponse(request); occurs, the next request will do a ssl handshake. The problem is, its pretty often
        - Main reason for WebException is the HTTP 502 StatusCode

    - The request will be done every couple of minutes up to every couple of hours

    - My goal is to minimize the ssl handshake data traffic and latency

    Console Output:

    Certificate
    WebExceptionStatus.ProtocolError
    Certificate
    WebExceptionStatus.ProtocolError
    Certificate
    WebExceptionStatus.ProtocolError

    Representing Code, if you need more information, just ask:

    public static bool AcceptAllCertifications(object sender, X509Certificate certification, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        Console.WriteLine("Certificate");
        return true;
    }
    
    public void Run()
    {
        ServicePointManager.ServerCertificateValidationCallback = AcceptAllCertifications;
    
        while (true)
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://####.##/path");
            request.Method = "POST";
            request.KeepAlive = true;
            request.ContentType = "application/x-www-form-urlencoded; charset=UTF-8";
            request.Proxy = null;
    
            string content = "...";
            byte[] byteArray = Encoding.UTF8.GetBytes(content);
            request.ContentLength = byteArray.Length;
    
            using (Stream stream = request.GetRequestStream())
            {
                stream.Write(byteArray, 0, byteArray.Length);
            }
    
            HandleResponse(request);
            
            Thread.Sleep(3000);
        }
    }
    
    public void HandleResponse(HttpWebRequest request)
    {
        try
        {
            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            //...
        }
        catch (WebException e)
        {
            if (e.Status == WebExceptionStatus.ProtocolError)
            {
                using (StreamReader sr = new StreamReader(e.Response.GetResponseStream()))
                {
                    string content = sr.ReadToEnd();
                }
            }
        }
    }




    • Edited by juRiii Wednesday, September 17, 2014 9:00 AM
    Wednesday, September 17, 2014 8:57 AM

Answers

  • Hello juRiii,

    >>My goal is to minimize the ssl handshake data traffic and latency

    You might need to modify the register key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL“ to achieve what you want.

    For details, please check this KB article and search for “Method 3: Configure Schannel to no longer send the list of trusted root certificate authorities during the TLS/SSL handshake process”.

    Best Regards,

    Fred.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, September 18, 2014 6:11 AM
    Moderator