in windows server 2012, I installed IIS.
I created a site with host name host1 (name of windows server) and create a folder called host1 under C:\inetpub\wwwroot, contains a html file.
when navigate http://host1/, I got the desired content of the html file
Now, I have to create a certificate using that thread.
I success all the steps, but stucked on step 7:
at that step, the cmd of (wacs.exe) is closed by it self.
Could you please help me solving that issue ? Big thanks.
To get the reason behind the issue you need to check the event viewer log.
I tried to reproduce your issue. I got the below error in event viewer:
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
you will find this log under the windows-> system logs.
The reason behind the issue is on your machine TLS 1.2 is not enabled.
To resolve the issue you could follow the below steps:
1)open the registry editor.
2) go to the below section:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2
set below value to the particular section:
client:
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
Server:
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
Note: Do not forget to restart your machine after editing registry key values.
reference link:
A fatal error occurred while creating a TLS client credential. The internal error state is 10013
Related
Hello over the weekend my self-hosted build agent lost connection to the DevOps Services. Not completely but I am getting connection errors on almost all of my builds.
my builds are failing with the error:
ERR Agent] System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
From the Agent diagnostic logs.
I tried re-installing the Agent but this is not possible either as I get the exact same error when I try to run config.cmd remove
I tried adding --sslskipcertvalidation but this does not seem to work with the remove command. I tried to remove the old from the services, but it will not remove from the agent machine as I cannot complete the "config.cmd remove" process.
No clue why I am getting these connection errors all of a sudden. (I am on the Basic plan)
Does not seem to be relating to any current reported Azure outages (2021-04-12).
I ended up installing the agent again in a separate folder from the old agent.
Likely the issue was that the old agent was installed with the url [org.name].visualstudio.com I guess there is now some SSL certificate issue on the old url.
I installed the new agent with the dev.azure.com/[org.name] url and this solved all of my issues.
The same thing happened to me, but I was able to solve it by installing this application on the server, which is used to activate the TLS2 protocols with just one click and the SSL Cipher Suites
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
nartac IISCrypto is the app
I am currently trying to deploy a NuGet package to our local Nexus server from a Linux build machine (dotnet core project)
However, the Nexus server is running on HTTPS with a company domain certificate which is not recognised by my build machine.
When I run nuget push I get the following error:
Pushing App.1.0.0.nupkg to 'https://v-nexus/repository/nuget/'...
PUT https://v-nexus/repository/nuget/
An error was encountered when fetching 'PUT https://v-nexus/repository/nuget/'. The request will now be retried.
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
PUT https://v-nexus/repository/nuget/
An error was encountered when fetching 'PUT https://v-nexus/repository/nuget/'. The request will now be retried.
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
PUT https://v-nexus/repository/nuget/
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
I have tried:
Installing the server certificate globally (using update-ca-certificates)
Installing the certificate using certmgr
Is there any other way that I have missed, or is this a known issue using NuGet in Linux. (I am using docker containers so don't want the solution to be "use windows"!) This is forming part of our automated build system so I am limited to Linux docker containers.
One of my colleges, running Windows is able to push the package without any issues, so I know it's not an issue with the server.
This is a very old question but I came across it looking for an answer to this issue.
The problem seems to be Nuget, under Mono, is broken.
It's not really an answer but hopefully it helps somebody else.
I have tried to create VPN connection in my windows 8.1 machine.
I have followed the steps mentioned in the setup. While connecting Its shows the error message as:
"A certificate could not be found that can be used with this
Extensible Authentication Protocol. (Error 798)".
How to resolve this issue. Thanks in advance.
This typically means that the client certificate is not installed on the Windows machine you are trying to connect from.
On the client machine, please open "certmgr" from command prompt and verify that the client certificate (created/signed by the root certificate) is installed on the machine.
A couple more things to check or verify:
The P2S root cert, the one you uploaded to Azure, must be in the
machine's trusted root store in certmgr
Delete the re-install/import the client cert again, please ensure you
do NOT check the "Enable strong private key protection. ..."
(It's a long shot but ...) Check if the following regkey is set to 1:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13
\SelectSelfSignedCert
If it still fails, collect tracing for further debugging from an elevated command prompt:
"netsh ras diag se tr en"
repro the issue (failed connect)
"netsh ras diag se tr dis"
Share/send the contents of your Windows\tracing folder
[Edit]
Just found another link with very extensive instructions to try:
https://www.tectimes.net/how-to-microsoft-azure-como-solucionar-el-error-798-a-certificate-could-not-be-used-with-this-extensible-authentication-protocol-en-windows-8-1-en-una-vpn-hacia-azure/
(In Spansh, you will need to translate the page.)
Thanks,
Yushun [MSFT]
We've been able to successfully, automatically, deploy our MVC and WebApi to IIS7.5 on Win2008 R2, for some time now. Just this week the MSDeploy stopped working. The System event log shows this error when attempting to restart the Web Management Service on the targeted Win200 R2 server:
The Web Management Service service terminated with service-specific
error %%-2147483640.
The Application log shows this error at the same exact time the above error occurs.
IISWMSVC_STARTUP_UNABLE_TO_ACTIVATE_HWC
Failed to activate the Hostable Web Core (HWC). Web Management Service startup failed. Please reference the Win32 error in this
event for further information.
Exception:System.Runtime.InteropServices.COMException (0x8007007F):
The specified procedure could not be found. (Exception from HRESULT:
0x8007007F) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at
Microsoft.Web.Management.Server.WebServer.Microsoft.Web.Management.Server.Interop.IWebServer.Start()
Process:WMSvc User=NT AUTHORITY\LOCAL SERVICE
The above error is preceded by this warning:
A listener channel for protocol 'http' in worker process '7164' serving application pool 'WMSvcAppPool' reported a listener channel
failure. The data field contains the error number.
Which is preceded by this error:
Failed to find the RegisterModule entrypoint in the module DLL C:\Windows\Microsoft.NET\Framework64\v4.0.30319\webengine.dll. The
data is the error.
We've attempted to reach the target server using https://ourservername:8172/MsDeploy.axd. The response is:
Error 102 (net::ERR_CONNECTION_REFUSED): The server refused the
connection
Is this occurring because the port is blocked or because the Web Management Service is not running? (The Windows Firewall with Advanced Security dialog says the "Windows Firewall is off" and there are no entries in the firewall log (C:\Windows\System32\LogFiles\Firewall).
We've seen some posts that indicate the certificate may be the issue. Not sure how to actually tell if this is the case though. The CERT we have says it is valid thru 2029.
I resolved the problem on a cloned Win2012 VM by changing the SSL certificate which was set to the original host. I used the self-cert.
I've put this here as a potential answer as I didn't read the question far enough to see the SSL comment at the end ;) and although the fix took 30 seconds we spent at least 2 days trying everything else.
I am trying to connect to website in win azure using filezilla. It connected fine for few minutes and I was able to upload the files. But then it stopped working. I am getting this message:
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I.
Command: PASV
Response: 227 Entering Passive Mode (137,117,88,16,40,32).
Command: LIST
Response: 150 Opening BINARY mode data connection.
Response: 550 The network connection was aborted by the local system.
Error: Failed to retrieve directory listing
I have tried setting transfer mode to ACTIVE and few other suggestions, but nothing seems to work. What could be the problem?
There might be a time-out issue on the server. You will need to tell your FTP client to keep the connection alive so that it doesn't start a second connection while the first connection is still alive.
To set this in FileZilla client, go to Edit, Settings, Connection, FTP, and check "Send FTP keep-alive commands" checkbox.
For more detailed explanation of the problem, visit: http://blogs.msdn.com/b/wats/archive/2013/12/13/setting-up-a-passive-ftp-server-in-windows-azure-vm.aspx Scroll towards the bottom and read the "Points to consider from Azure SLB perspective" section.
I had the same problem with my FTP on Azure (getting 550 errors) and checking the "Send FTP keep-alive commands" checkbox above solved my problem.
Hope this helps!
The error message:
Response: 550 The network connection was aborted by the local system
Suggests that there is an error in your local network.
This error is not within Windows Azure, but within your local network (and appears to only be triggered by FileZilla). Contact your system administrator or Internet Service Provider. Also, please try first solving the problem yourself using something like this.