
I have some websites that sometimes fail to connect to a third-party SOAP web service. It happens most often when there are a lot of requests to the third-party service, so it does not fail every time — only occasionally, and mostly under heavy request load.

It was fixed on our on-premises servers with IIS Crypto; all the "disabled" checkboxes were checked before.

But on Azure Web Apps we cannot control these settings — any idea what to do?

Here is the code of the binding and the related client configuration for the third-party SOAP web service:

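        /// <summary>
        /// Builds the WS-Security binding used to call the third-party SOAP service:
        /// asymmetric X.509 message security with a username supporting token, SOAP 1.1 /
        /// WS-Addressing 1.0 text encoding, and an HTTPS transport that presents a client certificate.
        /// </summary>
        /// <param name="timeout">
        /// Close, receive and send timeout applied to the binding. <c>null</c> keeps the
        /// previous hard-coded value of 10 minutes.
        /// </param>
        /// <returns>
        /// A <see cref="CustomBinding"/> whose elements are, in order: security, text encoding, HTTPS transport.
        /// </returns>
        public static CustomBinding GetDefaultBinding(TimeSpan? timeout = null)
        {
            // NOTE(review): this is a process-wide setting, not part of the returned binding.
            // It makes every outbound HTTPS call in the application accept any server
            // certificate (expired, wrong host, untrusted issuer), so a misconfigured or
            // impersonated endpoint is indistinguishable from the real one. Kept here for
            // compatibility; it should be replaced by a callback that inspects sslPolicyErrors
            // (and/or compares against the expected service certificate) instead of returning true.
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

            var securityElement = new AsymmetricSecurityBindingElement
            {
                MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12,
                // Both sides are identified by issuer/serial references; the certificates themselves are never sent.
                InitiatorTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never),
                RecipientTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never),
                ProtectTokens = true,
                MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt,
                RequireSignatureConfirmation = true,
                SecurityHeaderLayout = SecurityHeaderLayout.Lax,
                EnableUnsecuredResponse = true,
                IncludeTimestamp = true,
                // Basic128Rsa15 is the older RSA-PKCS#1v1.5 key-transport suite; presumably dictated by the
                // remote service's policy — confirm before changing.
                DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic128Rsa15,
                AllowSerializedSigningTokenOnReply = true,
            };

            // Must run after the initiator/recipient token parameters are set and before the
            // username token is added, to keep the same effect as the original assignment order.
            securityElement.SetKeyDerivation(false);
            securityElement.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UserNameSecurityTokenParameters());

            var binding = new CustomBinding();
            binding.Elements.Add(securityElement);

            var encoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11WSAddressing10, Encoding.UTF8);
            // NOTE(review): int.MaxValue on every quota removes the size limits WCF uses to bound
            // memory per message; a deliberately large response from the remote side is then
            // limited only by available memory. Kept as-is; confirm whether the real payloads need this.
            encoding.ReaderQuotas.MaxStringContentLength = int.MaxValue;
            encoding.ReaderQuotas.MaxDepth = int.MaxValue;
            encoding.ReaderQuotas.MaxArrayLength = int.MaxValue;
            encoding.ReaderQuotas.MaxBytesPerRead = int.MaxValue;
            encoding.ReaderQuotas.MaxNameTableCharCount = int.MaxValue;
            binding.Elements.Add(encoding);

            var transport = new HttpsTransportBindingElement
            {
                RequireClientCertificate = true,
                MaxBufferPoolSize = int.MaxValue,
                MaxBufferSize = int.MaxValue,
                MaxReceivedMessageSize = int.MaxValue,
                // A fresh TCP/TLS connection per call; relevant when the remote side sits behind a load balancer.
                KeepAliveEnabled = false,
                AllowCookies = false,
            };
            binding.Elements.Add(transport);

            var effectiveTimeout = timeout ?? TimeSpan.FromMinutes(10);
            binding.CloseTimeout = effectiveTimeout;
            binding.ReceiveTimeout = effectiveTimeout;
            binding.SendTimeout = effectiveTimeout;

            return binding;
        }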

        /// <summary>
        /// Copies the configured username/password, client certificate and service
        /// certificate from <c>Options</c> onto the WCF client credentials.
        /// </summary>
        /// <param name="cc">
        /// The credentials to populate. A <c>null</c> value is silently ignored, so the caller
        /// gets no signal that nothing was applied.
        /// </param>
        private void ConfigureClientCredentials(ClientCredentials cc)
        {
            if (cc == null)
            {
                return;
            }

            // Our signing certificate and the service's certificate used for message-level security.
            cc.ClientCertificate.Certificate = Options.ClientCertificate;
            cc.ServiceCertificate.DefaultCertificate = Options.IbaCertificate;

            // NOTE(review): None disables chain and revocation checks on the service certificate
            // used for message security, so whatever is assigned to DefaultCertificate is trusted as-is.
            cc.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;

            // Credentials for the username supporting token declared on the binding.
            cc.UserName.UserName = Options.WebserviceUsername;
            cc.UserName.Password = Options.AuthPassword;
        }

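    /// <summary>
    /// Applies the contract-wide protection level and the custom endpoint behaviour to a client endpoint.
    /// </summary>
    /// <param name="endpoint">The endpoint to configure.</param>
    /// <exception cref="ArgumentNullException"><paramref name="endpoint"/> is <c>null</c>.</exception>
    private void ConfigureEndPoint(ServiceEndpoint endpoint)
    {
        // Fail with a clear argument error instead of a NullReferenceException on the first dereference.
        if (endpoint == null)
        {
            throw new ArgumentNullException("endpoint");
        }

        // Every operation on the contract must be both signed and encrypted at the message level.
        endpoint.Contract.ProtectionLevel = ProtectionLevel.EncryptAndSign;
        endpoint.EndpointBehaviors.Add(new CustomEndpointBehavior());
    }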

All disabled checkbox was checked before





The third-party SOAP WS was configured with the wrong SSL/cipher settings on one server (load-balancer setup), which caused the problems — so it was not a problem in my code.