Phidiax Tech Blog

Adventures in custom software and technology implementation.

BizTalk: TLS 1.2 Issue During Integration with AssureSign Service

Issue

Recently, we were updating our client's BizTalk application to use AssureSign. We ran into a communication issue between BizTalk and the AssureSign service.

We were able to generate the schema set based on the WSDL of the AssureSign service. We built the test process to call the AssureSign service's AuthenticateUser method.

The following exception was returned during the test:

System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://[ServerAddress]/Services/DocumentNOW/v2/documentnow.svc/Users/text. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

We learned that the AssureSign service is using TLS 1.2, which BizTalk Server (2010 to 2013 R2) does not support.

https://support.assuresign.net/hc/en-us/articles/224857208-Connecting-to-AssureSign-using-the-TLS-1-2-Protocol

Solution

There are several options to resolve the issue, such as building a custom behavior for the send port or a .NET component to handle the communication with AssureSign. However, we found a simpler option that resolves the issue without building additional code.

You need to install .NET Framework 4.5.2 (depending on the version of BizTalk Server), update the registry settings, and reboot the machine.


Create keys and DWORDs for .NET Framework 4.5.2

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001

Create keys and DWORDs for .NET Framework 4.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
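
A read-only PowerShell check of the six registry values listed above, useful for confirming the settings on each BizTalk host after the reboot. This is an added example, not code from the original post; the function name Test-RegistryDword is hypothetical.

```powershell
# Added example: audits the registry values from this post. It only reads, never writes.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
$netfx64  = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319'
$netfx32  = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'

# Expected state, taken from the keys and DWORDs listed in the post.
$expected = @(
    @{ Path = "$schannel\Client"; Name = 'DisabledByDefault';  Value = 0 },
    @{ Path = "$schannel\Client"; Name = 'Enabled';            Value = 1 },
    @{ Path = "$schannel\Server"; Name = 'DisabledByDefault';  Value = 0 },
    @{ Path = "$schannel\Server"; Name = 'Enabled';            Value = 1 },
    @{ Path = $netfx64;           Name = 'SchUseStrongCrypto'; Value = 1 },
    @{ Path = $netfx32;           Name = 'SchUseStrongCrypto'; Value = 1 }
)

# Hypothetical helper: compares one registry DWORD with its expected value.
function Test-RegistryDword {
    param([string]$Path, [string]$Name, [int]$Value)

    $actual = $null
    if (Test-Path -LiteralPath $Path) {
        # A missing value yields no object, so $actual stays $null.
        $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $actual = $item.$Name }
    }

    $shown = '<missing>'
    if ($null -ne $actual) { $shown = $actual }

    [pscustomobject]@{
        Path     = $Path
        Name     = $Name
        Expected = $Value
        Actual   = $shown
        Ok       = ($null -ne $actual) -and ($actual -eq $Value)
    }
}

$results = foreach ($e in $expected) { Test-RegistryDword @e }
$results | Format-Table -AutoSize -Wrap

$failed = @($results | Where-Object { -not $_.Ok })
if ($failed.Count -gt 0) {
    Write-Warning "$($failed.Count) value(s) missing or different from the settings in this post."
} else {
    Write-Output 'All TLS 1.2 and SchUseStrongCrypto values match the settings in this post.'
}
```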



2009-2017 Phidiax, LLC - All Rights Reserved