wrote:
> David,
>
> The result of the log gave me a clue and send me to this page:http://tech=
net2.microsoft.com/windowsserver/en/library/0ef55842-24d2-...
>
> I used it to set a new size (first the example value), as the request is
> about 1MB (and can grow) i used 1.500.000 as a value.
> The note below says that it not recommended for non client certificate
> authentication, but although we are using this, am i using the correct fix
> in the correct way.
>
> This is the log from IIS for the specific call, before the value changed:
>
> ----
> #Software: Microsoft Internet Information Services 6.0
> #Version: 1.0
> #Date: 2007-06-26 07:20:14
> #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-p=
ort
> cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
> 2007-06-26 07:26:24 W3SVC1159432196 129.227.40.132 POST
> /sanws/sanservice.asmx - 81 - 192.39.234.162
> Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50=
72=AD7.42)
> 413 0 0
> 2007-06-26 07:27:53 W3SVC1159432196 129.227.40.132 POST
> /sanws/sanservice.asmx - 81 - 192.39.234.162
> Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50=
72=AD7.42)
> 413 0 0
> ----
>
> Ofcourse the 413 helped me out here.
> I didn't expect this to be logged in IIS because during debugging of the
> receiving webservice i never got a breakpoint to hit, and i didn't get a
> SOAPException on the calling application.
>
> So the main question is: Is this the correct fix?
>
> "David Wang" <w3.4...@gmail.com> wrote in message
>
> news:1182813801.647872.83380@x35g2000prf.googlegroups.com...
>
>
>
> > On Jun 25, 4:18 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> > wrote:
> >> I'm working on a webservice that excepts a batchfile as a parameter.
> >> When i do a post to this webserver using unsecure http connection, i
> >> works
> >> fine.
>
> >> Now when i configure IIS for the production enviroment i get an error
> >> when
> >> the request is to large (We have not actually tested the threshold, but
> >> our
> >> "large" file is about 800kb).
> >> The configuration is as follows:
>
> >> - SSL Enabled;
> >> - Accept client certificate;
> >> - Certificate mapping configured;
> >> - ASP.NET configured for impersonation of the mapped account.
>
> >> The exception we get is:
>
> >> System.Net.WebException: The underlying connection was closed: An
> >> unexpected
> >> error occurred on a send. ---> System.IO.IOException: Unable to write
> >> data
> >> to the transport connection: An established connection was aborted by =
the
> >> software in your host machine. ---> System.Net.Sockets.SocketException:
> >> An
> >> established connection was aborted by the software in your host machine
> >> at System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[] buffer=
s,
> >> SocketFlags socketFlags)
> >> at System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSize[]
> >> buffers)
> >> --- End of inner exception stack trace ---
>
> >> We also tested the same configuration with a smaller file and this work
> >> fine
> >> (small meaning about 100kb).
>
> >> Another thing is that the exception occured when the iis timeout is
> >> reached.
> >> Changing this timeout to a higher value only extend the time before the
> >> exception occured. We have raised it to 4 minutes, although the same
> >> request, using the larger file takes about 10 second using HTTP.
>
> >> Regards,
> >> Martijn van Schie
>
> > Can you provide the corresponding log entry in IIS for this failed
> > request?
>
> > Sounds like a known limitation with SSL Client Certificate public
> > specification, but the IIS log entry will tell.
>
> > //David
> >http://w3-4u.blogspot.com
> >http://blogs.msdn.com/David.Wang
> > //- Hide quoted text -
>
> - Show quoted text -

"David Wang" <w3.4you@gmail.com> wrote in message
news:1182917436.520897.305980@n2g2000hse.googlegroups.com...

wrote:
> David,
>
> The result of the log gave me a clue and send me to this
> page:http://technet2.microsoft.com/windowsserver/en/library/0ef55842-24d2-...
>
> I used it to set a new size (first the example value), as the request is
> about 1MB (and can grow) i used 1.500.000 as a value.
> The note below says that it not recommended for non client certificate
> authentication, but although we are using this, am i using the correct fix
> in the correct way.
>
> This is the log from IIS for the specific call, before the value changed:
>
> ----
> #Software: Microsoft Internet Information Services 6.0
> #Version: 1.0
> #Date: 2007-06-26 07:20:14
> #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query
> s-port
> cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
> 2007-06-26 07:26:24 W3SVC1159432196 129.227.40.132 POST
> /sanws/sanservice.asmx - 81 - 192.39.234.162
> Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.5072­7.42)
> 413 0 0
> 2007-06-26 07:27:53 W3SVC1159432196 129.227.40.132 POST
> /sanws/sanservice.asmx - 81 - 192.39.234.162
> Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.5072­7.42)
> 413 0 0
> ----
>
> Ofcourse the 413 helped me out here.
> I didn't expect this to be logged in IIS because during debugging of the
> receiving webservice i never got a breakpoint to hit, and i didn't get a
> SOAPException on the calling application.
>
> So the main question is: Is this the correct fix?
>
> "David Wang" <w3.4...@gmail.com> wrote in message
>
> news:1182813801.647872.83380@x35g2000prf.googlegroups.com...
>
>
>
> > On Jun 25, 4:18 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> > wrote:
> >> I'm working on a webservice that excepts a batchfile as a parameter.
> >> When i do a post to this webserver using unsecure http connection, i
> >> works
> >> fine.
>
> >> Now when i configure IIS for the production enviroment i get an error
> >> when
> >> the request is to large (We have not actually tested the threshold, but
> >> our
> >> "large" file is about 800kb).
> >> The configuration is as follows:
>
> >> - SSL Enabled;
> >> - Accept client certificate;
> >> - Certificate mapping configured;
> >> - ASP.NET configured for impersonation of the mapped account.
>
> >> The exception we get is:
>
> >> System.Net.WebException: The underlying connection was closed: An
> >> unexpected
> >> error occurred on a send. ---> System.IO.IOException: Unable to write
> >> data
> >> to the transport connection: An established connection was aborted by
> >> the
> >> software in your host machine. ---> System.Net.Sockets.SocketException:
> >> An
> >> established connection was aborted by the software in your host machine
> >> at System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[]
> >> buffers,
> >> SocketFlags socketFlags)
> >> at System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSize[]
> >> buffers)
> >> --- End of inner exception stack trace ---
>
> >> We also tested the same configuration with a smaller file and this work
> >> fine
> >> (small meaning about 100kb).
>
> >> Another thing is that the exception occured when the iis timeout is
> >> reached.
> >> Changing this timeout to a higher value only extend the time before the
> >> exception occured. We have raised it to 4 minutes, although the same
> >> request, using the larger file takes about 10 second using HTTP.
>
> >> Regards,
> >> Martijn van Schie
>
> > Can you provide the corresponding log entry in IIS for this failed
> > request?
>
> > Sounds like a known limitation with SSL Client Certificate public
> > specification, but the IIS log entry will tell.
>
> > //David
> >http://w3-4u.blogspot.com
> >http://blogs.msdn.com/David.Wang
> > //- Hide quoted text -
>
> - Show quoted text -

wrote:
> Your right offcourse ... I should have known better ;).
> Thank for the hint.
>
> Only two questions remain:
>
> 1) Do i need actually need to set the UploadReadAheadSize higher then the
> expected request size.
> 2) Is this issue fixed in IIS 7 (I'm have Longhorn beta3 installed on a
> virtual machine at the moment, so i could test it).
>
> regards,
> martijn
>
> "David Wang" <w3.4...@gmail.com> wrote in message
>
> news:1182917436.520897.305980@n2g2000hse.googlegroups.com...
> Yes, that is the only available workaround for getting 413 with SSL
> Client Certificates that I was alluding to earlier - increase the size
> of UploadReadAheadSize. It is really a problem caused by the SSL
> Specification.
>
> Not getting a breakpoint in a managed code WebService hardly means the
> request did not arrive at IIS. There's a bunch of native code, whose
> execution is logged, which execute way before managed code is even
> involved, WebService invoked, and breakpoints triggered... so always
> check for log files. :-)
>
> //Davidhttp://w3-4u.blogspot.comhttp://blogs.msdn.com/David.Wang
> //
>
> On Jun 26, 1:02 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> wrote:
>
>
>
> > David,
>
> > The result of the log gave me a clue and send me to this
> > page:http://technet2.microsoft.com/windowsserver/en/library/0ef55842-24=
d2-...
>
> > I used it to set a new size (first the example value), as the request is
> > about 1MB (and can grow) i used 1.500.000 as a value.
> > The note below says that it not recommended for non client certificate
> > authentication, but although we are using this, am i using the correct =
fix
> > in the correct way.
>
> > This is the log from IIS for the specific call, before the value change=
d:
>
> > ----
> > #Software: Microsoft Internet Information Services 6.0
> > #Version: 1.0
> > #Date: 2007-06-26 07:20:14
> > #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query
> > s-port
> > cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
> > 2007-06-26 07:26:24 W3SVC1159432196 129.227.40.132 POST
> > /sanws/sanservice.asmx - 81 - 192.39.234.162
> > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.=
5072=AD=AD7.42)
> > 413 0 0
> > 2007-06-26 07:27:53 W3SVC1159432196 129.227.40.132 POST
> > /sanws/sanservice.asmx - 81 - 192.39.234.162
> > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.=
5072=AD=AD7.42)
> > 413 0 0
> > ----
>
> > Ofcourse the 413 helped me out here.
> > I didn't expect this to be logged in IIS because during debugging of the
> > receiving webservice i never got a breakpoint to hit, and i didn't get a
> > SOAPException on the calling application.
>
> > So the main question is: Is this the correct fix?
>
> > "David Wang" <w3.4...@gmail.com> wrote in message
>
> >news:1182813801.647872.83380@x35g2000prf.googlegroups.com...
>
> > > On Jun 25, 4:18 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> > > wrote:
> > >> I'm working on a webservice that excepts a batchfile as a parameter.
> > >> When i do a post to this webserver using unsecure http connection, i
> > >> works
> > >> fine.
>
> > >> Now when i configure IIS for the production enviroment i get an error
> > >> when
> > >> the request is to large (We have not actually tested the threshold, =
but
> > >> our
> > >> "large" file is about 800kb).
> > >> The configuration is as follows:
>
> > >> - SSL Enabled;
> > >> - Accept client certificate;
> > >> - Certificate mapping configured;
> > >> - ASP.NET configured for impersonation of the mapped account.
>
> > >> The exception we get is:
>
> > >> System.Net.WebException: The underlying connection was closed: An
> > >> unexpected
> > >> error occurred on a send. ---> System.IO.IOException: Unable to write
> > >> data
> > >> to the transport connection: An established connection was aborted by
> > >> the
> > >> software in your host machine. ---> System.Net.Sockets.SocketExcepti=
on:
> > >> An
> > >> established connection was aborted by the software in your host mach=
ine
> > >> at System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[]
> > >> buffers,
> > >> SocketFlags socketFlags)
> > >> at System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSiz=
e[]
> > >> buffers)
> > >> --- End of inner exception stack trace ---
>
> > >> We also tested the same configuration with a smaller file and this w=
ork
> > >> fine
> > >> (small meaning about 100kb).
>
> > >> Another thing is that the exception occured when the iis timeout is
> > >> reached.
> > >> Changing this timeout to a higher value only extend the time before =
the
> > >> exception occured. We have raised it to 4 minutes, although the same
> > >> request, using the larger file takes about 10 second using HTTP.
>
> > >> Regards,
> > >> Martijn van Schie
>
> > > Can you provide the corresponding log entry in IIS for this failed
> > > request?
>
> > > Sounds like a known limitation with SSL Client Certificate public
> > > specification, but the IIS log entry will tell.
>
> > > //David
> > >http://w3-4u.blogspot.com
> > >http://blogs.msdn.com/David.Wang
> > > //- Hide quoted text -
>
> > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -

"David Wang" <w3.4you@gmail.com> wrote in message
news:1182940825.769448.62210@i13g2000prf.googlegroups.com...

wrote:
> Your right offcourse ... I should have known better ;).
> Thank for the hint.
>
> Only two questions remain:
>
> 1) Do i need actually need to set the UploadReadAheadSize higher then the
> expected request size.
> 2) Is this issue fixed in IIS 7 (I'm have Longhorn beta3 installed on a
> virtual machine at the moment, so i could test it).
>
> regards,
> martijn
>
> "David Wang" <w3.4...@gmail.com> wrote in message
>
> news:1182917436.520897.305980@n2g2000hse.googlegroups.com...
> Yes, that is the only available workaround for getting 413 with SSL
> Client Certificates that I was alluding to earlier - increase the size
> of UploadReadAheadSize. It is really a problem caused by the SSL
> Specification.
>
> Not getting a breakpoint in a managed code WebService hardly means the
> request did not arrive at IIS. There's a bunch of native code, whose
> execution is logged, which execute way before managed code is even
> involved, WebService invoked, and breakpoints triggered... so always
> check for log files. :-)
>
> //Davidhttp://w3-4u.blogspot.comhttp://blogs.msdn.com/David.Wang
> //
>
> On Jun 26, 1:02 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> wrote:
>
>
>
> > David,
>
> > The result of the log gave me a clue and send me to this
> > page:http://technet2.microsoft.com/windowsserver/en/library/0ef55842-24d2-...
>
> > I used it to set a new size (first the example value), as the request is
> > about 1MB (and can grow) i used 1.500.000 as a value.
> > The note below says that it not recommended for non client certificate
> > authentication, but although we are using this, am i using the correct
> > fix
> > in the correct way.
>
> > This is the log from IIS for the specific call, before the value
> > changed:
>
> > ----
> > #Software: Microsoft Internet Information Services 6.0
> > #Version: 1.0
> > #Date: 2007-06-26 07:20:14
> > #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query
> > s-port
> > cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
> > 2007-06-26 07:26:24 W3SVC1159432196 129.227.40.132 POST
> > /sanws/sanservice.asmx - 81 - 192.39.234.162
> > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.5072­­7.42)
> > 413 0 0
> > 2007-06-26 07:27:53 W3SVC1159432196 129.227.40.132 POST
> > /sanws/sanservice.asmx - 81 - 192.39.234.162
> > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.5072­­7.42)
> > 413 0 0
> > ----
>
> > Ofcourse the 413 helped me out here.
> > I didn't expect this to be logged in IIS because during debugging of the
> > receiving webservice i never got a breakpoint to hit, and i didn't get a
> > SOAPException on the calling application.
>
> > So the main question is: Is this the correct fix?
>
> > "David Wang" <w3.4...@gmail.com> wrote in message
>
> >news:1182813801.647872.83380@x35g2000prf.googlegroups.com...
>
> > > On Jun 25, 4:18 am, "Martijn van Schie" <mvansc...@newsgroup.nospam>
> > > wrote:
> > >> I'm working on a webservice that excepts a batchfile as a parameter.
> > >> When i do a post to this webserver using unsecure http connection, i
> > >> works
> > >> fine.
>
> > >> Now when i configure IIS for the production enviroment i get an error
> > >> when
> > >> the request is to large (We have not actually tested the threshold,
> > >> but
> > >> our
> > >> "large" file is about 800kb).
> > >> The configuration is as follows:
>
> > >> - SSL Enabled;
> > >> - Accept client certificate;
> > >> - Certificate mapping configured;
> > >> - ASP.NET configured for impersonation of the mapped account.
>
> > >> The exception we get is:
>
> > >> System.Net.WebException: The underlying connection was closed: An
> > >> unexpected
> > >> error occurred on a send. ---> System.IO.IOException: Unable to write
> > >> data
> > >> to the transport connection: An established connection was aborted by
> > >> the
> > >> software in your host machine. --->
> > >> System.Net.Sockets.SocketException:
> > >> An
> > >> established connection was aborted by the software in your host
> > >> machine
> > >> at System.Net.Sockets.Socket.MultipleSend(BufferOffsetSize[]
> > >> buffers,
> > >> SocketFlags socketFlags)
> > >> at
> > >> System.Net.Sockets.NetworkStream.MultipleWrite(BufferOffsetSize[]
> > >> buffers)
> > >> --- End of inner exception stack trace ---
>
> > >> We also tested the same configuration with a smaller file and this
> > >> work
> > >> fine
> > >> (small meaning about 100kb).
>
> > >> Another thing is that the exception occured when the iis timeout is
> > >> reached.
> > >> Changing this timeout to a higher value only extend the time before
> > >> the
> > >> exception occured. We have raised it to 4 minutes, although the same
> > >> request, using the larger file takes about 10 second using HTTP.
>
> > >> Regards,
> > >> Martijn van Schie
>
> > > Can you provide the corresponding log entry in IIS for this failed
> > > request?
>
> > > Sounds like a known limitation with SSL Client Certificate public
> > > specification, but the IIS log entry will tell.