locked
How to fix authentication Failure (Remote Transport stream closed) RRS feed

  • Question

  • User248267340 posted

    I'm getting the following error:

    Authentication failed because the remote party has closed the transport stream.

    here's my code:

                string assertion = CreateAuthToken();

                HttpClient client = new HttpClient();

                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                client.Timeout = TimeSpan.FromSeconds(60);

                HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, ConfigurationManager.AppSettings["StsURI"]);
                JsonObject requestBody = new JsonObject {
                        { "grant_type", "jwt-bearer" },
                        { "assertion", assertion }
                    };

                request.Content = new StringContent(requestBody.ToString(), Encoding.UTF8, "application/json");

                HttpResponseMessage responseResult = client.SendAsync(request).Result;

    The Last line is the culprit. When I run the code on my dev box in Visual Studio 2019, it works great. But on our IIS server it fails.

    We checked port 443, and the firewall. Everything is wide open. We checked the urI and it is accessible too.

    Any thoughts?

    Saturday, April 24, 2021 12:52 AM

Answers

  • User-939850651 posted

    Hi coreysan,

    Authentication failed because the remote party has closed the transport stream

    You may get this error when trying to call an external API. This error is related to the Security Protocol Type.

    It is most likely caused by your application's default security protocol type being set too low.

    A lot of external APIs now expect requests using TLS 1.2 or above. You culd try to set the SecurityProtocol in your application by adding these code:

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

    This can be added just before you call the api, or it can even be added in the application start method.

    If you don't have all of these options available to you, maybe you are running a .NET 4.0 application, you can also set it like this:

    ServicePointManager.SecurityProtocol = (SecurityProtocolType)48 | (SecurityProtocolType)192 |
    (SecurityProtocolType)768 | (SecurityProtocolType)3072;

    A nice blog post: TLS 1.2 and .NET Support: How to Avoid Connection Errors

    Hope this can help.

    Best regards,

    Xudong Peng

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, April 26, 2021 2:52 AM

All replies

  • User-939850651 posted

    Hi coreysan,

    Authentication failed because the remote party has closed the transport stream

    You may get this error when trying to call an external API. This error is related to the Security Protocol Type.

    It is most likely caused by your application's default security protocol type being set too low.

    A lot of external APIs now expect requests using TLS 1.2 or above. You culd try to set the SecurityProtocol in your application by adding these code:

    ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;

    This can be added just before you call the api, or it can even be added in the application start method.

    If you don't have all of these options available to you, maybe you are running a .NET 4.0 application, you can also set it like this:

    ServicePointManager.SecurityProtocol = (SecurityProtocolType)48 | (SecurityProtocolType)192 |
    (SecurityProtocolType)768 | (SecurityProtocolType)3072;

    A nice blog post: TLS 1.2 and .NET Support: How to Avoid Connection Errors

    Hope this can help.

    Best regards,

    Xudong Peng

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, April 26, 2021 2:52 AM
  • User248267340 posted

    thanks so much. This helped me realize it was in fact a TLS issue.! Thanks for your help on this!

    Monday, April 26, 2021 3:42 PM