I have a WCF application hosted in IIS that works as an intermediary for two other different SOAP web services, A & B.

Calling service A operations from my application is always OK. Calling service B operations from my application is problematic:

  • Using the simple http endpoint URL, everything works as expected.
  • Moving to the https endpoint works well for 1-2 days, but at some point I get a "Could not establish secure channel for SSL/TLS" error.

I have noticed that recycling the pool in IIS fixes the problem until the next time.

My application is hosted on two servers and served through a load balancer. When I face the above problem on server 1, it is not always the case on the 2nd server as well.

  • Certificates seem to be OK. No errors. After all, if there was an error with certificates it would not work at all.
  • The same if there were different SSL/TLS protocols. My services serve only TLS 1.2 and service B that I call supports TLS 1.0.
  • Is there any possibility that a restart of service A that I call would cause that problem?

What could cause that random error? Any ideas?

1 Answer

Changing SecurityProtocolType to Ssl3 or Tls1 solved the problem for me.

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls1;

Open Event Viewer on the server where you recycle the pool in IIS and check for Schannel errors...

I think that this is what causes the problem...

https://social.technet.microsoft.com/Forums/windows/en-US/0d66e764-d7d2-4a98-8a0f-27241e31ef7c/schannel-36888-the-following-fatal-alert-was-generated-10-the-internal-error-state-is-10?forum=w7itprosecurity

Zvi Redler
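A way to check the two things this thread turns on, as an added C# example that is not code from the question or the answer: it prints the process-wide `ServicePointManager.SecurityProtocol` value and attempts one handshake per TLS version against service B's endpoint. The host name is a placeholder, and `TlsProbe` and `TryHandshake` are hypothetical names.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

static class TlsProbe
{
    // Attempts a single handshake restricted to exactly one protocol version
    // and reports whether the endpoint (and the local Schannel config) allow it.
    static string TryHandshake(string host, int port, SslProtocols protocol)
    {
        try
        {
            using (var tcp = new TcpClient(host, port))
            using (var ssl = new SslStream(tcp.GetStream(), false))
            {
                ssl.AuthenticateAsClient(host, new X509CertificateCollection(),
                                         protocol, false);
                return "OK (negotiated " + ssl.SslProtocol + ")";
            }
        }
        catch (Exception ex)
        {
            // Handshake refusals surface as different exception types depending
            // on where they fail, so report the type along with the message.
            return "FAILED: " + ex.GetType().Name + ": " + ex.Message;
        }
    }

    static void Main(string[] args)
    {
        // Placeholder host: pass service B's real host name as the first argument.
        string host = args.Length > 0 ? args[0] : "service-b.example.invalid";
        int port = args.Length > 1 ? int.Parse(args[1]) : 443;

        // This property is static and shared by every caller in the AppDomain.
        // A console run shows the runtime default; logging the same property from
        // inside the IIS-hosted application shows what the failing calls use.
        Console.WriteLine("ServicePointManager.SecurityProtocol = "
                          + ServicePointManager.SecurityProtocol);

        foreach (var p in new[] { SslProtocols.Tls, SslProtocols.Tls11, SslProtocols.Tls12 })
            Console.WriteLine("{0,-6} {1}", p, TryHandshake(host, port, p));
    }
}
```

Running it on each of the two servers, while the error is occurring and again after a pool recycle, gives results to set beside the Schannel entries in Event Viewer.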