I am trying to update an application from Blazor .NET 7 web assembly to a Blazor on .NET 8.0 web application with interactive server rendering. On the web assembly on razor pages I had a lot of HttpClient
calls to the server side Web API controllers.
I finally managed to make those calls to work on Blazor interactive server (the Blazor server pages make http calls on the server Web API controllers), but when I uploaded them to the Azure site, I get the following error:
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
System.Security.Authentication.AuthenticationException: Authentication failed because the remote party sent a TLS alert: ‘ProtocolVersion’.
System.ComponentModel.Win32Exception (0x80090326): The message received was unexpected or badly formatted.
— End of inner exception stack trace —
at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
Tls protocol version 1.2 both on code and on azure configuration of course..
Any clues?
Thanks
2
Answers
I finally found a solution/workaround for my problem.
I forced the http protocol version to be 1.1
httpRequest.Version = HttpVersion.Version11;
I had tried to set the azure web site to accept http 2.0 but this kept giving me :
The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1). (HttpProtocolError) ---> System.Net.Http.HttpProtocolException: The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1). (HttpProtocolError) at System.Net.Http.Http2Connection.ThrowRequestAborted.
It seems that HttpClient defaults to 2.0 and that is causing issues when calling azure web app internally. I don't know why.
Any further explations would be wellcomed.
Thank you
If the exception is actually accurate, you’re issue is related to TLS protocol versions being used in the communication between the two components.
The TLS version configuration you’re referring to in the Azure Portal is the "Minimum Incoming TLS Version", which doesn’t actually affect the outgoing version I suggest you try and force the TLS protocol version in code and see if that solves the issue.
You simply need to create an
HttpClientHandler
that you use when creating yourHttpClient
clients.Although this doesn’t seem to be the issue, you might also want to look into enabling the "End-to-end TLS encryption" option if the above doesn’t solve the issue. This doesn’t really seem to be the issue based on the exception, but it’s worth a try in case your architecture actually requires it. See the blog post here.