Microsoft KB Archive/915599

= You receive one or more error messages when you try to make an HTTP request in an application that is built on the .NET Framework 1.1 Service Pack 1 =

Article ID: 915599

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft .NET Framework 1.1 Service Pack 1

-



SUMMARY
This article describes error messages that you may receive when you use the Microsoft .NET Framework 1.1 Service Pack 1 (SP1) to make HTTP requests or when you call a Web service.



SYMPTOMS
When you try to make an HTTP request in an application that is built on the .NET Framework, you may receive one or more of the following error messages:

Error message 1

The underlying connection was closed: Unable to connect to the remote server.

Error message 2

The underlying connection was closed: An unexpected error occurred on a send.

Error message 3

The underlying connection was closed: An unexpected error occurred on a receive.

Error message 4

The underlying connection was closed: The server committed an HTTP protocol violation.

Error message 5

The underlying connection was closed: Could not establish secure channel for SSL/TLS.

Error message 6

The operation has timed-out



Error message 1
This problem occurs when the .NET Framework cannot establish a connection to the remote server. This problem may occur when one or more of the following conditions are true:
 * A network outage occurs.
 * A proxy server blocks the HTTP request.
 * A Domain Name System (DNS) problem occurs.
 * A network authentication problem occurs.

To resolve this problem, see resolutions A, B, and C.

Error message 2
This problem occurs when the client computer cannot send an HTTP request. The client computer cannot send the HTTP request because the connection has been closed or is unavailable. This problem may occur when the client computer is sending lots of data. To resolve this problem, see resolutions A, D, E, F, and O.

Error message 3
This problem occurs when the server or another network device unexpectedly closes an existing Transmission Control Protocol (TCP) connection. This problem may occur when a time-out value on the server or on the network device is set too low. To resolve this problem, see resolutions A, D, E, F, and O.

Error message 4
This problem occurs when the .NET Framework detects that the server response does not comply with HTTP 1.1 RFC. This problem may occur when the response contains incorrect headers or incorrect header delimiters. To resolve this problem, see resolutions A and G.

For more information about HTTP headers, visit the following World Wide Web Consortium Web site:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Error message 5
This problem may occur when one or more of the following conditions are true:
 * You are using an invalid client certificate or an invalid server certificate.
 * You are experiencing a TCP connection problem.
 * The client computer is sending lots of data.
 * A time-out setting on the server or on another network device is set too low.
 * You are experiencing an HTTPS protocol compatibility problem.

For TCP connection problems, see resolutions A, D, E, F, and O. For client certificate problems and server certificate problems, see resolutions H and I. For HTTPS protocol compatibility problems, see resolution J.

Error message 6
This problem occurs when the client time-out value is reached before one of the following conditions occurs:
 * An HTTP connection is established.
 * An HTTP response is received from the server.
 * The data stream is completely written to or read.

To resolve this problem, see resolutions A, E, K, L, M, and N.



RESOLUTION
Note The following list contains possible resolutions that may apply when one of these problems occurs. Not all these resolutions apply to all these problems. See the problem descriptions in the &quot;Cause&quot; section to determine which resolution applies.

Resolution A
To resolve this problem, make sure that you are using the most recent version of the .NET Framework. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

318785 How to determine which versions of the .NET Framework are installed and whether service packs have been applied

Resolution B
To resolve this problem, make sure that the proxy settings are correct. To do this, use the following techniques:  Use the static WebProxy.GetDefaultProxy method. For more information, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.webproxy.getdefaultproxy(vs.71).aspx

 Define a   element in the application configuration files. For more information, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/aa903369(VS.71).aspx

 Configure the .NET client to use HTTP 1.0 by changing the HttpWebRequest.ProtocolVersion property. For more information, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.httpwebrequest.protocolversion(vs.71).aspx

Note By default, the .NET Framework uses HTTP 1.1. If you are using Secure Sockets Layer (SSL), make sure that the proxy is not configured to use any rules that are blocking HTTPS. If you are using autoproxy, click the following article number to view the article in the Microsoft Knowledge Base:

873199 How to use autoproxy in managed code



Resolution C
To resolve this problem, make sure that the application has permissions to make network calls and to make socket calls. This resolution applies when the application that makes the HttpWebRequest call runs inside a Web application. You may have to grant Read permissions to the ASPNET account so that you can access the following resources:
 * The Microsoft WinSockProxy WS2.0 Provider (Wspwsp.dll) file
 * The  registry key
 * The  registry key

Note To determine whether the ASPNET worker process has the necessary permissions, use the FileMon utility and the RegMon utility. To download the FileMon utility and the RegMon utility, visit the following Sysinternals Web site:

http://www.microsoft.com/technet/sysinternals/default.mspx

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Resolution D
To resolve this problem, disable the keep-alive feature. In the .NET Framework, set the HttpWebRequest.KeepAlive property to FALSE. To do this when you call a Web service, follow these steps.

Note The keep-alive feature is required for NTLM authentication. <ol> Create a new class by inheriting from the generated proxy class.</li>  Add a method to the class to override the GetWebRequest method. This change lets you access the HttpWebRequest object. If you are using Microsoft Visual C#, the new method must be similar to the following. class MyTestService:TestService.TestService {   protected override WebRequest GetWebRequest(Uri uri) {       HttpWebRequest webRequest = (HttpWebRequest) base.GetWebRequest(uri); //Setting KeepAlive to false webRequest.KeepAlive = false; return webRequest; } } If you are using Microsoft Visual Basic .NET, the new method must be similar to the following. Class MyTestService Inherits TestService.TestService Protected Overrides Function GetWebRequest(ByVal uri As Uri) As System.Net.WebRequest Dim webRequest As System.Net.HttpWebRequest webRequest = CType(MyBase.GetWebRequest(uri), System.Net.HttpWebRequest) 'Setting KeepAlive to false webRequest.KeepAlive = False GetWebRequest = webRequest End Function End Class </li> Create an instance of the new class, and then use the new class to call the Web service method.</li></ol>

Resolution E
To resolve this problem, set the ServicePointManager.MaxServicePointIdleTime property to less than the time-out value of the server keep-alive connection.

Notes  When a ServicePoint object has been idle for the time that is specified in the MaxIdleTime property, it is eligible for garbage collection.</li> Make sure that the ServicePointManager.MaxServicePointIdleTime property is set before any HTTP requests are made. For more information about the ServicePointManager.MaxSercvePointIdleTime property, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.servicepointmanager.maxservicepointidletime(vs.71).aspx

</li></ul>

Resolution F
To resolve this problem, increase the time-out value on the server computer and on other network devices. To increase the time-out value in Microsoft Internet Information Services (IIS) 6.0, follow these steps:
 * 1) Click Start, click Control Panel, click Administrative Tools, and then click Internet Information Services (IIS) Manager.
 * 2) Click the name of the computer that you want to reconfigure, and then click Web Sites.
 * 3) Right-click the Web site that you want to reconfigure, and then click Properties.
 * 4) Type a new value in the Connection timeout box, and then click OK.
 * 5) On the File menu, click Exit.

Resolution G
To work around this problem, set useUnsafeHeaderParsing to True. For more information about the useUnsafeHeaderParsing property, click the following article number to view the article in the Microsoft Knowledge Base:

888528 A list of the bugs that are fixed in the .NET Framework 1.1 Service Pack 1 but are not described elsewhere in individual Microsoft Knowledge Base articles

Resolution H
To resolve this problem, supply a valid client certificate for the application. For more information about how to use client certificates, click the following article numbers to view the articles in the Microsoft Knowledge Base:

901183 How to call a Web service by using a client certificate for authentication in an ASP.NET Web application

895971 How to send a client certificate by using the HttpWebRequest and HttpWebResponse classes in Microsoft Visual C# .NET

Resolution I
To resolve this problem, supply a valid security certificate for the server. Additionally, you may be able to resolve this problem by installing the root certification authority (CA) certificate or by correcting the common name of the server certificate. For more information about naming the server certificate, click the following article number to view the article in the Microsoft Knowledge Base:

813618 Security alert: The name of the security certificate is invalid or does not match the name of the site

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

You can also revise the application code to ignore these certificate warnings. To do this, implement your own ICertificatePolicy interface. You can then set the ServicePointManager.CertificatePolicy property to use your certificate policy instance before the Web service method call is made.

Note The ICertificatePolicy.CheckValidationResult method implements the application certificate validation policy. For more information about the ICertificatePolicy.CheckValidationResult method, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.icertificatepolicy.checkvalidationresult(vs.71).aspx

For more information and a code sample, click the following article number to view the article in the Microsoft Knowledge Base:

823177 PRB: &quot;System.Net.WebException. The underlying connection was closed. Could not establish trust relationship with remote server&quot; error message when you upgrade the .NET Framework

Important We recommend that you not ignore SSL certificate warnings in code because of possible security risks.

Resolution J
To resolve this problem, change the HTTPS protocol from SSL to Transport Level Security (TLS).

Note If you already use TLS, change the HTTPS protocol to SSL. To change the HTTPS protocol on the client computer, see the &quot;ServicePointManager.SecurityProtocol property&quot; section on the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.servicepointmanager.securityprotocol.aspx

Note For example, to support the SSL3 protocol and the TLS1 protocol, use code that is similar to the following. ServicePointManager.SecurityProtocol= SecurityProtocolType.Ssl3|SecurityProtocolType.Tls; For more information about how to change the HTTPS protocol on the server computer, click the following article number to view the article in the Microsoft Knowledge Base:

187498 How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services

Resolution K
To resolve this problem, increase the value of the maxConnection property. To do this, revise the configuration files for the application or add application code.

Note The default value of the maxConnection property is 2. For Microsoft ASP.NET-connected applications that call Web services, we recommend that you set a value of 12 times the number of processors. To set this value by using application code, use the ServicePointManager.DefaultConnectionLimit property. For more information about the ServicePointManager.DefaultConnectionLimit property, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.servicepointmanager.defaultconnectionlimit(vs.71).aspx

To set this value by using the configuration files for the application, add the following code to the configuration file. <connectionManagement> <add address=&quot;*&quot; maxconnection=&quot;12&quot;/> </connectionManagement> For more information about how to use the <connectionManagement> element, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/aa903351(VS.71).aspx

Resolution L
To resolve this problem, make sure that the time-out settings on the server and on other network devices are implemented correctly. For more information about how to implement time-out settings, click the following article number to view the article in the Microsoft Knowledge Base:

904262 The request that is sent by the HttpWebRequest class may stop responding when you use the HttpWebRequest class in an ASP.NET application

Resolution M
To resolve this problem, read about ASP.NET performance tuning. For more information about ASP.NET performance tuning, click the following article number to view the article in the Microsoft Knowledge Base:

821268 Contention, poor performance, and deadlocks when you make Web service requests from ASP.NET applications

Resolution N
To resolve this problem, increase the values of the time-out properties in the client application code. To do this, use the following properties:
 * HttpWebRequest.Timeout
 * HttpWebRequest.ReadWriteTimeout

For more information about the HttpWebRequest.Timeout property, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/cy9yd268.aspx

For more information about the HttpWebRequest.ReadWriteTimeout property, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/b1w9c0s4.aspx

Resolution O
To resolve this problem, make sure that the client computer does not send the HTTP 100-Continue header. Additionally, make sure that the client computer does not expect to receive the HTTP 100-Continue header.

Note This resolution is effective if the Web server or the proxy server does not support the HTTP 100-Continue header. For more information about how to disable the HTTP 100-Continue header for the client computer, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/system.net.servicepointmanager.expect100continue.aspx

<div class="references_section">