0 votes
by (130 points)

Hello,
we have Windows CE CF3.5 application using SOAP WebService. Server was upgraded to use TLS1.2 and we are trying to upgrade client application as well using Rebex library (now testing with trial) like this


var creator = new HttpRequestCreator();
creator.Settings.SslAllowedVersions = TlsVersion.Any;
creator.Register();

but we are getting error, please see rebex log below

2023-09-07 05:56:27 Opening log file.
2023-09-07 05:56:27 INFO FileLogWriter(1)[188286414] Info: Assembly: Rebex.Common R5.12 for .NET Compact Framework 3.5
2023-09-07 05:56:27 INFO FileLogWriter(1)[188286414] Info: Platform: Windows CE 7.0.2882 32-bit; CLR: 3.5.14223.0
2023-09-07 05:56:27 DEBUG FileLogWriter(1)[188286414] Info: Culture: en; windows-1252
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] HTTP: Using new HTTP session (1) provided by Rebex.Net.HttpRequestCreator(1).
2023-09-07 05:56:40 INFO HttpRequest(1)[188286414] HTTP: Connecting to 'https://147.32.3.5:7104'...
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] Info: Assembly: Rebex.Common R5.12 for .NET Compact Framework 3.5
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] Info: Platform: Windows CE 7.0.2882 32-bit; CLR: 3.5.14223.0
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] Info: Culture: en; windows-1252
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] Proxy: Connecting to 147.32.3.5:7104 (no proxy).
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] Proxy: Connection established.
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] TLS: Enabled cipher suites: 0x0000000000000640.
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] TLS: Applicable cipher suites: 0x0000000000000640.
2023-09-07 05:56:40 DEBUG HttpRequest(1)[188286414] TLS: HandshakeMessage:ClientHello was sent.
2023-09-07 05:56:43 DEBUG HttpRequest(1)[188286414] TLS: TLS socket error, 0 bytes of data were received.
2023-09-07 05:56:43 DEBUG HttpRequest(1)[188286414] TLS: Error while processing TLS packet: System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.Socket.ReceiveNoCheck(Byte[] buffer, Int32 index, Int32 request, SocketFlags socketFlags)
at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
at onrkn.bavnf.Receive(Byte[] buffer, Int32 offset, Int32 count, SocketFlags socketFlags)
at Rebex.Net.ProxySocket.Receive(Byte[] buffer, Int32 offset, Int32 count, SocketFlags socketFlags)
at onrkn.csnwg.xqszt(Int32 p0)
at onrkn.csnwg.hgsjn()
at onrkn.csnwg.upurk()
at onrkn.csnwg.sksvo()
at Rebex.Net.TlsSocket.Negotiate()
at onrkn.ixwxt.dogje(ISocket p0)
at onrkn.rbbcu.dkczn(String p0, Int32 p1, Boolean p2)
at onrkn.udlmn.nplxx()
at onrkn.udlmn.iqjhb(Boolean p0)
at onrkn.udlmn.kvanb()
at Rebex.Net.HttpRequest.xhopj()
at Rebex.Net.HttpRequest.azxmk()
at Rebex.Net.HttpRequest.uxwxa()
at Rebex.Net.HttpRequest.ajswj()
at Rebex.Net.HttpRequest.GetResponse()
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.doInvoke(String methodName, Object[] parameters, WebClientAsyncResult asyncResult)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at eInventorymobile.wsInventory.TerminalWebService.GetAlive()
at eInventorymobile.clsDBSQL.WSGetAlive()
at eInventorymobile.frmMain.GetUserDepartment(String sUserCode)
at eInventorymobile.frmMain.txtLoginPwd
KeyPress(Object sender, KeyPressEventArgs e)
at System.Windows.Forms.Control.OnKeyPress(KeyPressEventArgs e)
at System.Windows.Forms.Control.WnProc(WM wm, Int32 wParam, Int32 lParam)
at System.Windows.Forms.Control._InternalWnProc(WM wm, Int32 wParam, Int32 lParam)
at Microsoft.AGL.Forms.EVL.EnterMainLoop(IntPtr hwnMain)
at System.Windows.Forms.Application.Run(Form fm)
at eInventorymobile.Program.Main()

2023-09-07 05:56:43 INFO HttpRequest(1)[188286414] TLS: Fatal Alert:InternalError was sent.
2023-09-07 05:56:43 ERROR HttpRequest(1)[188286414] HTTP: Error while sending request: Rebex.Net.TlsException: Connection was closed by the remote connection end. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.Socket.ReceiveNoCheck(Byte[] buffer, Int32 index, Int32 request, SocketFlags socketFlags)
at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
at onrkn.bavnf.Receive(Byte[] buffer, Int32 offset, Int32 count, SocketFlags socketFlags)
at Rebex.Net.ProxySocket.Receive(Byte[] buffer, Int32 offset, Int32 count, SocketFlags socketFlags)
at onrkn.csnwg.xqszt(Int32 p0)
at onrkn.csnwg.hgsjn()
at onrkn.csnwg.upurk()
at onrkn.csnwg.sksvo()
at Rebex.Net.TlsSocket.Negotiate()
at onrkn.ixwxt.dogje(ISocket p0)
at onrkn.rbbcu.dkczn(String p0, Int32 p1, Boolean p2)
at onrkn.udlmn.nplxx()
at onrkn.udlmn.iqjhb(Boolean p0)
at onrkn.udlmn.kvanb()
at Rebex.Net.HttpRequest.xhopj()
at Rebex.Net.HttpRequest.azxmk()
at Rebex.Net.HttpRequest.uxwxa()
at Rebex.Net.HttpRequest.ajswj()
at Rebex.Net.HttpRequest.GetResponse()
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.doInvoke(String methodName, Object[] parameters, WebClientAsyncResult asyncResult)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at eInventorymobile.wsInventory.TerminalWebService.GetAlive()
at eInventorymobile.clsDBSQL.WSGetAlive()
at eInventorymobile.frmMain.GetUserDepartment(String sUserCode)
at eInventorymobile.frmMain.txtLoginPwd
KeyPress(Object sender, KeyPressEventArgs e)
at System.Windows.Forms.Control.OnKeyPress(KeyPressEventArgs e)
at System.Windows.Forms.Control.WnProc(WM wm, Int32 wParam, Int32 lParam)
at System.Windows.Forms.Control._InternalWnProc(WM wm, Int32 wParam, Int32 lParam)
at Microsoft.AGL.Forms.EVL.EnterMainLoop(IntPtr hwnMain)
at System.Windows.Forms.Application.Run(Form fm)
at eInventorymobile.Program.Main()

at onrkn.csnwg.upurk()
at onrkn.csnwg.sksvo()
at Rebex.Net.TlsSocket.Negotiate()
at onrkn.ixwxt.dogje(ISocket p0)
at onrkn.rbbcu.dkczn(String p0, Int32 p1, Boolean p2)
at onrkn.udlmn.nplxx()
at onrkn.udlmn.iqjhb(Boolean p0)
at onrkn.udlmn.kvanb()
at Rebex.Net.HttpRequest.xhopj()
at Rebex.Net.HttpRequest.azxmk()
at Rebex.Net.HttpRequest.uxwxa()
at Rebex.Net.HttpRequest.ajswj()
at Rebex.Net.HttpRequest.GetResponse()
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.doInvoke(String methodName, Object[] parameters, WebClientAsyncResult asyncResult)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at eInventorymobile.wsInventory.TerminalWebService.GetAlive()
at eInventorymobile.clsDBSQL.WSGetAlive()
at eInventorymobile.frmMain.GetUserDepartment(String sUserCode)
at eInventorymobile.frmMain.txtLoginPwd
KeyPress(Object sender, KeyPressEventArgs e)
at System.Windows.Forms.Control.OnKeyPress(KeyPressEventArgs e)
at System.Windows.Forms.Control.WnProc(WM wm, Int32 wParam, Int32 lParam)
at System.Windows.Forms.Control._InternalWnProc(WM wm, Int32 wParam, Int32 lParam)
at Microsoft.AGL.Forms.EVL.EnterMainLoop(IntPtr hwnMain)
at System.Windows.Forms.Application.Run(Form fm)
at eInventorymobile.Program.Main()

Applies to: Rebex TLS

1 Answer

+1 vote
by (147k points)

Hello,

1. The content of "Enabled cipher suites" line in the log indicates that you have specified SslAllowedSuites somewhere in your code. Make sure you don't do something like this:

creator.Settings.SslAllowedSuites = TlsCipherSuite.RSA_WITH_3DES_EDE_CBC_SHA |
    TlsCipherSuite.RSA_WITH_AES_128_CBC_SHA |
    TlsCipherSuite.RSA_WITH_AES_256_CBC_SHA;

2. The server at 147.32.3.5 apparently requires that clients use a cipher based on elliptic curve Diffie-Hellman. These are not supported out-of-the-box on Windows Embedded Compact 7, but can be enabled using Rebex.Castle and/or Rebex.Curve25519 plugins.

3. When connecting to a server specified by an IP address, the server certificate won't pass validation. To resolve that, either use the serve rname in the URL (such as "https://inv.cvut.cz:7104/some_path"), or add the following line to your code:

creator.Settings.SslServerName = "inv.cvut.cz";
by (130 points)
Teď jsem si všiml, že jste česká firma :-D Děkuji za pomoc, vypadá to funkčně. Předpokládám, že stačí, když si objednáme licenci na Rebex HTTPS?
by (147k points)
Dobrý den! :-)
Pro tyto platformy je třeba objednat "Legacy Edition", která je bohužel o něco dražší:
https://www.rebex.net/https/buy/legacy/
https://www.rebex.net/kb/legacy-platform-support/
Údržba knihoven pro systémy, kterým už před lety skončil support, už nás stojí docela dost úsilí, proto ta vyšší cena.
...