Standalone SSL Connection Reset Error

  1. ‹ Older
  2. 4 years ago

    Brock N

    20 Oct 2014 Pre-Release Testers, Xojo Pro

    @Greg OLone There are a few things that immediately come to mind:

    1. Are you sure that IIS isn't already binding to port 443?
    2. Are you sure that you have permission to bind to port 443? Have you tried another port (something above 1023) just to be sure?
    3. Is the filesystem case-sensitive? If so, the SSL certificate name must match the application exactly. SSLTest ≠ ssltest.crt

    I'm curious... what do you mean by "re-keyed"?

    1) IIS has only one "Default Site" in it and it is "stopped" by default so I dont think it would be binding to port 443.

    2) I enabled the worker role to open 443 so that traffic can run through it. (firewall open)

    To address 1 and 2 - Is there a way to see if the launched app indeed has an open listener to this port some how?

    3) Cases match exactly.

    ~4) Re-keyed meant I generated a new Private key and a new CSR. I submitted this to godaddy using their "re-key" certificate option to overwrite the old key as an attempt to fix the problem. It did not, but I figured it was worth a shot at this point. I'm incredibly frustrated with trying to get Web Standalone working with SSL and I'm willing to try anything at this point. Next on the list is praying to the Juju Gods... *sigh

  3. Brock- have you tried this on a local Windows instance- and if so, do you get the same connection reset errors?

  4. Brock N

    20 Oct 2014 Pre-Release Testers, Xojo Pro
    Edited 4 years ago

    @Travis H Brock- have you tried this on a local Windows instance- and if so, do you get the same connection reset errors?

    I spooled up an Azure virtual machine at the end of my day. Tomorrow I'll try that and then try a local instance if that doesn't work.

  5. Eric B

    20 Oct 2014 Arlington, Texas

    One thing to check also... you said you put the certificate file next to your app; however, have you double-checked the path pointed to the folderitem that's referenced to the sslSocket.certificateFile property within your server source code?

  6. Eric- I've verified case 34263 (intermediate certs not being properly relayed in a standalone SSL webapp) and we'll get that addressed. You can split discussion of that to another thread if you like. We'll keep this one about Brock's connection-reset issue since he started it, which I believe to be a wholly separate thing.

  7. Brock N

    20 Oct 2014 Pre-Release Testers, Xojo Pro

    @Eric B sslSocket.certificateFile property within your server source code?

    Is that something I need to configure in the worker role? Or something I check in the xojo app?

  8. I believe we're talking about a standalone web app- so I don't think there is any managing of sockets and their properties directly here, unless I'm mistaken.

  9. Eric B

    20 Oct 2014 Arlington, Texas

    @Brock N Is that something I need to configure in the worker role? Or something I check in the xojo app?

    Brock, it's been awhile since I've changed anything in my web application (I've been using the sslSocket directly under a console application for the past month or so, so I'm a little foggy). Travis may be correct here.

  10. Brock N

    20 Oct 2014 Pre-Release Testers, Xojo Pro
    Edited 4 years ago

    @Eric B Brock, it's been awhile since I've changed anything in my web application (I've been using the sslSocket directly under a console application for the past month or so, so I'm a little foggy). Travis may be correct here.

    @Travis H I believe we're talking about a standalone web app- so I don't think there is any managing of sockets and their properties directly here, unless I'm mistaken.

    Travis is correct. This is a Standalone web application trying to run SSL. The HTTP traffic goes through fine but the HTTPS traffic fails despite the firewall being open to FTP traffic on port 443 and the certificate meeting specifications. The app is launched with the appropriate parameters as indicated earlier in this discussion.

  11. Brock N

    21 Oct 2014 Pre-Release Testers, Xojo Pro

    I deployed it to a Virtual Machine instead of the worker role. It's happy now and works with HTTPS. Also firefox is now happy with my SSL certificate too :D

  12. Good to hear!

  13. Brock N

    21 Oct 2014 Pre-Release Testers, Xojo Pro

    So I could get it working on a remote machine with Azure but it couldn't talk to my databases. When I have a virtual machine in my VPN, and the proper subnet I can get it to talk to my databases but now HTTPS doesn't work.

    I think Azure is blocking the HTTPS traffic to Virtual Machines in my VPN subnet. Not sure why and I've tried googling how to fix this but I haven't found anything helpful. If anyone has any experience in the Azure world and might know how to set this up. I would definitely appreciate any ideas.

  14. Eric B

    21 Oct 2014 Arlington, Texas

    http://stackoverflow.com/questions/9183663/azure-ports-required

    Could it be because Azure is using 443 for its own use? Never used Azure before... but I had a similar experience using VMWare, where 443 was in use by the way I was already connecting to it.

  15. Brock N

    21 Oct 2014 Pre-Release Testers, Xojo Pro

    Oops, I just forgot to add an endpoint in this case. Everything is working right now :D
    Thanks to everyone who offered suggestions ^_^

  16. Greg O

    21 Oct 2014 Xojo Inc

    @Greg OLone Something else to note...

    Internet Explorer may not come with TLS turned on by default. If you will be connecting to a standalone web app using SSL, you'll need to turn it on:

    1. Go to Tools->Internet Options->Advanced
    2. Scroll all the way to the bottom of the Settings list
    3. Check Use TLS 1.0

    My apologies, I was mistaken about this. I'd been doing some tests regarding the Poodle SSLv3 vulnerability last week and forgot to revert the VM to its pristine state. TLS is ON for Internet Explorer by default, at least back through v8. I have not checked any versions before that.

  17. 3 weeks ago

    Maximilian T

    Nov 21 Pre-Release Testers, Xojo Pro Europe, Germany, Berlin
    Edited 3 weeks ago

    I am suddenly seeing this in my web SSL standalone webapp (at https://www.inqua-planer.de ) compiled with Xojo 2018 r3.2 running under UBUNTU14.04 which ran reliably for years. I am using a letsencrypt certificate, and there seems nothing wrong with it as confirmed by https://www.sslshopper.com/ssl-checker.html#hostname=https://www.inqua-planer.de

    I can restart the app, and it will launch fine, but as soon as I type something into the login window

    Chrome reports this:

    -image-

    Erm, this is kind of urgent, any kind of hint would be highly appreciated...

  18. Maximilian T

    Nov 21 Pre-Release Testers, Xojo Pro Europe, Germany, Berlin

    Hmm, now it seems to work again, after restarting the app for the 10th time. Very scary. If anyone has a guess to offer as to how to avoid these issues....

  19. Greg O

    Nov 21 Xojo Inc

    That just looks like network instability to me. Your browser simply couldn't reliably talk to the server.

  20. Maximilian T

    Nov 21 Pre-Release Testers, Xojo Pro Europe, Germany, Berlin

    Ah, hmm, well, maybe. I had no other network issues though. But maybe. Thanks for chiming in.

or Sign Up to reply!