Understanding SSL connections with .NET's HttpWebRequest
I can't seem to get my head around this one. I'm using HttpWebRequest to try and send some data out to another site. I'm attempting to figure out the best way to get our firewalls configured, but I'm at a loss. By watching the NetMon trace, it appears as though it's ignoring what I tell it; the HTTP headers I see go out from the request (not the browser-to-my-server request, but the my-server-to-remote-server request) don't add up.
Http: Request, CONNECT some.random.url:443 Command: CONNECT URI: some.random.url:443 Location: some.random.url:443 ProtocolVersion: HTTP/1.1 Host: some.random.url ProxyConnection: Keep-Alive HeaderEnd: CRLF
The TCP DstPort also seems to always start with HTTP(80). I can't seem to get it to handle 443 initially, no matter what; does SSL start out with a port 80 negotiate before it begins "real" transmission? To boot, this request seems to ignore any HttpWebRequest settings I try to set before initiating the request: even if I set HTTP 1.0, or keep-alive to false, it still starts off with the above headers.
What's it doing? I'd like to know how to let it through, but I'm not sure why it's exhibiting that behavior?
Code below, if it helps.
Uri newUri = new Uri("https://some.random.url:443/random"); System.Net.HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(newUri); wr.Method = "POST"; wr.ContentType = "application/x-www-form-urlencoded"; ASCIIEncoding encoding = new ASCIIEncoding(); byte requestBytes = encoding.GetBytes("test"); wr.ContentLength = requestBytes.Length; System.IO.Stream stream = wr.GetRequestStream(); //FAILS HERE, ServerProtocolViolation
I've scoured over Google and other SSL/HttpWebRequest problems, but can't come up with a silver bullet.
Your problem appears to be the proxy server between your ASP.NET server and the remote server. You can try not using the proxy server (wr.Proxy = null), but that may be required for your network setup.
I'd recommend talking to whoever is responsible for the network where your server is and seeing if the proxy supports SSL pass-through (via the CONNECT command .NET is sending on your behalf).
HttpWebRequest calls over SSL and have never run into this problem. The only thing I can see that you do that I've never done is including the the port number (443) in the URL.
.NET should handle the creation of the SSL connection without being told what port to use when you use the
https protocol. If you haven't already, try without the port number. If you have, then I'm out of ideas ;)
try this and let me know how you find it!
htw.Credentials = new NetworkCredentials(username, password)