
.Net Core WCF Client throws WinHttpException with error 0x2f9a


We have an auto-generated WCF client using the new WCF client from .NET Core 2.0. We managed to make it work on our development machine; however, on our production server this exception is thrown:

System.ServiceModel.CommunicationException: An error occurred while sending the request. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: Unknown error (0x2f9a)

Both machines have .NET Core 2.1 installed. One is a Windows 10 PC, the other a Windows Server 2008 R2 SP1.

As you can see, there isn't much information in the exception. I've tried to find anything about that error code, but didn't get anything. The exception contains no other information. The line that throws is nothing but a call to the service:

_ws.recuperaViabilidadesPendentesAsync("")

The client is configured like this:

BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
basicHttpBinding.Security.Mode = BasicHttpSecurityMode.Transport;
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

// I've edited out the domain names
EndpointAddress endpointAddress = new EndpointAddress("address");

_ws = new ViabilidadePrefeituraWSClient(basicHttpBinding, endpointAddress);

_ws.ClientCredentials.ClientCertificate.SetCertificate(
    StoreLocation.LocalMachine,
    StoreName.My,
    X509FindType.FindBySubjectName,
    "name");

_ws.ClientCredentials.ServiceCertificate.SslCertificateAuthentication =
    new X509ServiceCertificateAuthentication()
    {
        CertificateValidationMode = X509CertificateValidationMode.PeerTrust,
        RevocationMode = X509RevocationMode.NoCheck
    };

System.Net.ServicePointManager.ServerCertificateValidationCallback +=
    (se, cert, chain, sslerror) =>
    {
        return true;
    };

Solution

  • OK, as I was trying to spot all the differences between the dev machine and production machine, I remembered that IIS Express uses the current user to run the website, while full IIS runs, by default, the website as the ApplicationPoolIdentity user.

    Thus, I changed the application pool on the production machine to run as the administrator and it worked. I couldn't manage to find out why that works though.
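
Error 0x2f9a is decimal 12186, which winhttp.h defines as ERROR_WINHTTP_CLIENT_CERT_NO_ACCESS_PRIVATE_KEY. That is consistent with the identity change described above: the account running the site could not read the client certificate's private key. The following C# check is an added example, not code from the original post; it assumes an RSA key, and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (added example): call it from code running as the
// application pool identity, e.g. at site startup, and log the result.
public static class ClientCertKeyCheck
{
    public static bool CanUsePrivateKey(string subjectName)
    {
        Console.WriteLine("Running as: " + Environment.UserDomainName + "\\" + Environment.UserName);
        using (var store = new X509Store(StoreName.My, StoreLocation.LocalMachine))
        {
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            X509Certificate2Collection matches = store.Certificates.Find(
                X509FindType.FindBySubjectName, subjectName, false);
            if (matches.Count == 0)
            {
                Console.WriteLine("No certificate matches the subject name.");
                return false;
            }
            bool allUsable = true;
            foreach (X509Certificate2 cert in matches)
            {
                Console.WriteLine(cert.Thumbprint + " HasPrivateKey=" + cert.HasPrivateKey);
                try
                {
                    // Signing forces the key container to be opened; an account
                    // without read access to the key fails here even when
                    // HasPrivateKey is true.
                    using (RSA rsa = cert.GetRSAPrivateKey())
                    {
                        if (rsa == null)
                            throw new CryptographicException("No RSA private key.");
                        rsa.SignData(new byte[] { 1 }, HashAlgorithmName.SHA256,
                                     RSASignaturePadding.Pkcs1);
                    }
                    Console.WriteLine("  private key usable by this identity");
                }
                catch (CryptographicException ex)
                {
                    allUsable = false;
                    Console.WriteLine("  private key NOT usable: " + ex.Message);
                }
            }
            return allUsable;
        }
    }
}
```

If the key is reported as not usable under the pool identity, granting that account (`IIS AppPool\<pool name>`) read access to the key through the Certificates MMC snap-in (All Tasks > Manage Private Keys) is a narrower change than running the pool as administrator.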