Https call in Biztalk

  • Question

  • Hello,

    I am trying to convert an http send port to https in BizTalk 2013.

    I have installed the certificates and created a WCF-BasicHttp send port with security mode Transport and Transport client type None.

    I received the below error when I started testing. Based on the search results, I have enabled TLS 1.2 on the BizTalk server since that is what the endpoint service is using. But I am still getting the same error. I can browse the service from the server and I can also call the service from SoapUI.

    "This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host"


    I also tried the https call with security mode TransportWithMessageCredential and Message client credential type Certificate. I applied the certificate on the send port and the adapter. Then I get the below error.

     "Error details: System.NotSupportedException: The private key is not present in the X.509 certificate."

    Our security team stated that BizTalk does not need to use the private key. Other applications are making https calls to the destination server. This makes me think some setting on the BizTalk server is missing. This is the first time BizTalk is trying to call an https service.

    Are there any settings that need to be enabled in BizTalk to get the https call working?



    • Edited by Ann Elsy Friday, November 15, 2019 4:34 PM
    Friday, November 15, 2019 4:32 PM

All replies

  • The error 

    "This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host"

    suggests that the send https is not https on the server itself. Please check with your endpoint provider if HTTPS has been enabled on the service and first try a test using SoapUI or Postman to see if this is working.



    Pi_xel_xar

    Monday, November 18, 2019 9:38 AM
    Answerer
  • Hi,

    Please ensure you have followed all the steps to enable TLS 1.2. E.g.:

    https://azurebiztalkread.wordpress.com/2018/04/14/support-for-tls-1-2-using-biztalk-server-2013-r2/

    You will probably need to restart the server as well.

    Br,

    Leo

    • Marked as answer by Ann Elsy Tuesday, November 19, 2019 5:13 PM
    Monday, November 18, 2019 10:50 AM
  • Hi Leo,

    I did not make the TLS 1.2 registry change for .NET Framework initially. Once those were added to the registry, the https call started working. Thank you for the details.

    Tuesday, November 19, 2019 5:15 PM
  • I did not make the TLS 1.2 registry change for .NET Framework initially. Once those were added to the registry as per Leo's comment, the https call started working.

    Thank you for the response.

    Tuesday, November 19, 2019 5:17 PM
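
The fix in this thread was the .NET Framework part of the TLS 1.2 registry change, which is easy to miss when only SCHANNEL has been configured. The following read-only audit is an added example, not part of the original thread; the registry paths and value names are the ones Microsoft documents for TLS 1.2 with SCHANNEL and .NET Framework 4.x, and are assumed to be the ones the posters refer to.

```powershell
# Added example: read-only audit of TLS 1.2 client settings on a BizTalk server.
# Assumption: these are the Microsoft-documented SCHANNEL and .NET Framework 4.x
# values; the thread itself does not list them. Nothing is written to the registry.

$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'

# BizTalk host instances can run as 32-bit or 64-bit, so both registry views matter.
$netPaths = @(
    'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'
)

$checks = @(
    # 'Enabled' is sometimes stored as 0xFFFFFFFF, so any non-zero value counts.
    [pscustomobject]@{ Path = $schannel; Name = 'Enabled';           Ok = { param($v) $v -ne 0 } }
    [pscustomobject]@{ Path = $schannel; Name = 'DisabledByDefault'; Ok = { param($v) $v -eq 0 } }
)
foreach ($p in $netPaths) {
    foreach ($n in 'SchUseStrongCrypto', 'SystemDefaultTlsVersions') {
        $checks += [pscustomobject]@{ Path = $p; Name = $n; Ok = { param($v) $v -eq 1 } }
    }
}

$report = foreach ($c in $checks) {
    $prop = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Missing value: the OS or framework default applies, which on older
        # .NET 4.x targets may not include TLS 1.2.
        $value = $null
        $state = 'NotSet'
    } else {
        $value = $prop.($c.Name)
        $state = if (& $c.Ok $value) { 'OK' } else { 'Mismatch' }
    }
    [pscustomobject]@{ State = $state; Name = $c.Name; Value = $value; Path = $c.Path }
}

$report | Format-Table -AutoSize -Wrap
```

A `NotSet` or `Mismatch` row under either `.NETFramework` path matches the situation described above, where SCHANNEL allows TLS 1.2 but the .NET client in the BizTalk host does not offer it. Restart the server after any change, as Leo notes.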