Network error 12175 when PUTing something

Michael_Dettmer · June 6, 2020, 11:09am

Hi all.
my CAPP app tries to connect to my license server - runs fine on a Mac. Windows 10 gives me back an 12175 error (which seems to be a kind of black hole). Here comes the code:

Var resp,url,s As String
Var JSONrecord As New JSONMBS
Var purl       As New URLConnection
'
HTTPresponse = "none"
purl.RequestHeader("Authorization") = "Basic cG7334Z67wYW4="
'
JSONrecord.AddItemToObject "HardwareKey",    JSONMBS.NewStringNode(EnCrypt(HardwareKey))
JSONrecord.AddItemToObject "CustomerEmail",  JSONMBS.NewStringNode(EnCrypt(CustomerEmail))
'
purl.SetRequestContent(JSONrecord.toString, "application/json")
url = "https://licenseserver.net:3773/blabla/licenses"
'
Try
  resp = purl.SendSync("PUT",url,5)
Catch NetworkException
  MsgBox("Connection failed: " + Str(NetworkException.ErrorNumber) + " - " + NetworkException.Message)
  Return False
End Try
'
HTTPresponse = Str(purl.HTTPStatusCode)
HTTPresponseString = GetHTTP(purl.HTTPStatusCode)
'
If HTTPresponse <> "200" Then
  Return False
Else
  Return True
End

It catches an 12175 error with “security problem” - no HTTP response. Tried already: Longer timeout, Windows Update, several drivers updated, firewall exceptions, firewall off, all Windows stuff off, no virus scanner, Explorer Security Options lowest - no change. I am a bit confused now. I do not like Windows and this does not make it better.

Any help would be very appreciated - thanks again - Michael.

anon20074439 · June 6, 2020, 1:46pm

What OS is your licence server running and does it support TLS 1.2?

Read here https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client if your server OS is older than “Windows 8.1, Windows Server 2012 R2, Windows 10, Windows Server 2016” or check that your Windows 10 machine has TLS 1.2 enabled.

Michael_Dettmer · June 6, 2020, 3:04pm

The server is a debian 4.9 - lots of other stuff running correctly on it. Webservice is a Xojo one - running and serving other Apps perfectly. Even the same App on Mac works fine. And thank you, yes, I tried your suggestion also - and all TLS from 1.0 to 1.2 are on. Other Apps are doing fine. But this App refuses to work, in debug mode as as a compiled one. And on all other Windows 10 machines. Wndows 7 has no problem (!?) with it.

Next step I will try is to “shrink” the app until it is only skeleton. There must be a difference which causes the problem. But no idea yet.

anon20074439 · June 6, 2020, 3:15pm

Try checking that TLS 1.2 is enabled for WinHTTP under windows 10 (I don’t know why it might have been turned off), this is most easily checked by the follow:

http://sunlync.com/kb/index.php?View=entry&EntryID=623

anon20074439 · June 6, 2020, 3:24pm

Hmmm on all other windows 10 machines, hmm it might not be that then unless you have a group policy to turn TLS 1.2 off. Not sure then tbh, you idea of breaking the app down into a small test is probably the best route at the moment.

DerkJ · June 6, 2020, 5:02pm


Try


Catch e As NetworkException

// >> E.messag.....

End Catch

Would help with your code at least to clear it up

DerkJ · June 6, 2020, 5:04pm

It may be so that your server is using an unaccepted hashing type or encryption type for the certificate

Michael_Dettmer · June 7, 2020, 7:24am

@Derk,
this is what I did:

Catch NetworkException MsgBox("Connection failed: " + Str(NetworkException.ErrorNumber) + " - " + NetworkException.Message)
… and got this d*** error number 12175.
Anyhow: It is running at many other places - incl. Mac - so I assume it could not be the server.
@ ,
no policies set. All TLS ticked, tried also “experimental 1.3”, I suppose it is something weird in Win10 - like always.

btw: Thanks a lot for your feedback!

DerkJ · June 7, 2020, 8:14am

[quote=491461:@Michael Dettmer]@Derk,
this is what I did:

Catch NetworkException MsgBox("Connection failed: " + Str(NetworkException.ErrorNumber) + " - " + NetworkException.Message)
… and got this d*** error number 12175.
Anyhow: It is running at many other places - incl. Mac - so I assume it could not be the server.
@ ,
no policies set. All TLS ticked, tried also “experimental 1.3”, I suppose it is something weird in Win10 - like always.

btw: Thanks a lot for your feedback![/quote]

Are you even sure that is supposed to work, try changing the try catch to use a property the. Check the result


Catch e As NetworkException
  MsgBox("Connection failed: " + Str(E.ErrorNumber) + " - " + e.Message)

See:
https://documentation.xojo.com/api/code_execution/try.html

It states [ErrorType]

You are not using the errorParameter

anon20074439 · June 7, 2020, 9:13am

A few more tests would be:

paste the URL into IE and see if it can reach the page
check your Windows 10 clock to ensure they aren’t set wrong
Grab a local TLS checker and point it at your site just to make sure the TLS is matching what you’re expecting to use and the server isn’t mis-configured and mac is falling back to a usable version of TLS but windows isn’t

Michael_Dettmer · June 7, 2020, 9:32am

FOUND I T !!!

Nothing to do with Windows or TLS. Guess! … Its an XOJO issue. Sure the old stuff is running. I found it by adding and removing my URLConnection object. What I found out is a bit strange:

Apps made in former Versions of XOJO contain this little line in the definition of the URLConnection:

 AllowCertificateValidation=   False

If I create a new one this line is NOT ANY LONGER in there.

So if I assign this manually on top - everything is fine. Finally I should not blame Windows10 any more?
But what I still wonder about is how and why this was done by XOJO. But on the other hand: I was able to figure out on my own. And THIS is the real message behind that. Satisfaction.

Julian, Derk . thanks for your help!