Strange issue with the REST helper

Ok, great, I’ll just ask a user to leave me his computer for a while. Thanks again.

Ok, this interesting. My machine, which was working correctly all the time is now presenting the same issue. I installed fiddler and I can see that in fact it seems to be a certificate issue. Since this happens in my machine, I can confirm that RequestLog is empty.

In fiddler, I get:

‘’’

fiddler.network.https> HTTPS handshake to epicor01 (for #10) failed. 
System.Security.Authentication.AuthenticationException The remote certificate was rejected by the 
provided RemoteCertificateValidationCallback.

‘’’

I have no idea what happened with my computer, since it was working fine, but at least I have a better way to find out. Although it is worrisome that this might happen all the time if some updates kick in. Anyway, do you know how to solve this? I am guessing that I must configure something in the client machines to avoid it.

No, I can see that this happens when I capture with fiddler. If I capture, the requests fails with that message. In both environments.

If I close fiddler, everything works again…

Did you click the Trust Certificate? and Install the Root Cert? It needs a root cert so it can de crypt the SSL Traffic.

1 Like

Go to Settings in Fiddler Select Capture HTTPS Traffic and click Trust Root Certficate
image

Click yes
image

1 Like

Also URL you connect must be the same as in certificate

Yes, I clicked that button. Later, I also checked the Ignore server certificate errors(unsafe) and that allowed me to keep working normally in my computer.

I now installed fiddler in a machine with presents the problem with the same configuration. Click Trust root certificate, Capture HTTPS traffic and Ignoer server certificate erros.

And I get this error when trying to access LIVE environment.

fiddler.network.https> HTTPS handshake to epicor01 (for #10) failed. System.IO.IOException Unable to read data from the transport connection: Se ha forzado la interrupción de una conexión existente por el host remoto.. < Se ha forzado la interrupción de una conexión existente por el host remoto.

Sorry about the spanish part. It says that existing connection has been forcefuly interrupted by remote host.

I went to check the logs on the server, but it doesn’t bring anything related. I am looking through the IIS log now…

It seems your Live server /Client only supports TLS 1.1 I’m guessing you have an older Windows Server running in Live? What version is it? (of windows)

Follow these steps to get the version of TLS /SSL your Client / Server are using
Navigate to that REST Url in the browser first then follow these steps

Both Server and client are using TLS 1.2 apparently, also both LIVE and TEST are in windows 2012 r2 servers.

The connection to this site is encrypted and authenticated using TLS 1.2, RSA, and AES_256_GCM.
RSA key exchange is obsolete. Enable an ECDHE-based cipher suite.

When you get this error

fiddler.network.https> HTTPS handshake to epicor01 (for #10) failed. System.IO.IOException Unable to read data from the transport connection: Se ha forzado la interrupción de una conexión existente por el host remoto.. < Se ha forzado la interrupción de una conexión existente por el host remoto.

This error comes when you try to use your app while running fiddler in that box right?

What version of Windows is the Client?

Yes, that error appears as soon as try the first request. I tried it(same application) with TEST and the handshake is normal.

In this case(machine with fiddlet) the computer is running Windows 8.1, but I have the same issue with some Windows 10 computers. While I have other computers in Windows 7, 8, 8.1 and 10 working fine.

Wait no, sorry, confused the error message. That Message you are showing happens in my working computer, whenever I try the application with fiddler working and not having the Ignore server certificate errors.

Interesting so if you do it with Test fiddler works fine, but if you do it with Live you get that error… That still smells like a misconfigured TLS /SSL

You should see in fiddler the Hand Shake happen can you share the entire hand shake that shows up in fiddler (everything you see for that connection)

Sure, this is in my working computer. With Ignore certificate errors in Fiddler.

Which now, it doesn’t work again in either TEST or LIVE… Which adds to the mistery.since it worked just moments ago(with that Ignore certs error checked, now it doesn’t)

If I tell fiddler not to capture HTTPS traffic. The application works fine. I guess that is related to the certificate or cipher.

Let me get screenshots from a non working machine in the next post.

Is this for live? It says SSL V3 which is incredibly old your server is responding with SSL V3

You need to disable or uplift that to take 1.2

And this is a non working computer. That is, works in TEST but not in LIVE.
After starting capture in fiddler.

This is LIVE

This is TEST

So it seems fiddler causes the requests to fail also, even on TEST. However, the error messages are different.

This is very odd ugh but it’s definitely something specific to your server client setuo

Can you call the API via postman okay?

In those machines, no, but I can make the request with no problem through the web browser. I mean through the //SERVER/Environment/api/ link (swagger).

Should I install POSTMAN to test that also? I would think that it will give the same result as the Web call.

Yes postman may give you a better answer
See if it fails