Tatham Oddie

Debugging SSL/TLS problems in .NET


In my previous post I discussed some issues I discovered with SSL client certificates.

For this application, I’m dealing with PayPal. Rather annoyingly, if your client certificate doesn’t check out, they don’t even bother sending an error – they just drop the TCP connection mid-SSL-handshake. Depending on how fast the connection loss is realised, .NET can return a few different errors; none of which are actually much use when it comes to debugging.

Luckily, System.Net (as with most other areas of the framework) has wonderful tracing capabilities. Particularly with a complex process like an SSL handshake, these capabilities become critical to debugging.

Better yet – they’re incredibly easy to use. Just add a block like this to the end of your app.config!

<system.diagnostics>
  <trace autoflush="true"/>
  <sources>
    <source name="System.Net" maxdatasize="1024">
      <listeners>
        <add name="TraceFile"/>
      </listeners>
    </source>
    <source name="System.Net.Sockets" maxdatasize="1024">
      <listeners>
        <add name="TraceFile"/>
      </listeners>
    </source>
  </sources>
  <sharedListeners>
    <add name="TraceFile" type="System.Diagnostics.TextWriterTraceListener"
      initializeData="trace.log"/>
  </sharedListeners>
  <switches>
    <add name="System.Net" value="Verbose" />
    <add name="System.Net.Sockets" value="Verbose" />
  </switches>
</system.diagnostics>

Now, run your app again and take a look at the wonderful lines being added to your bin\Debug\trace.log file.

Written by Tatham Oddie

May 23, 2007 at 14:56

Posted in Uncategorized
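
Once trace.log exists, most of it is Verbose socket byte dumps, and the useful part is the handful of events just before the connection drops. The following is an added example, not part of the original post: a small Python triage script that parses the `<source> <level>: <id> : <message>` header written by TextWriterTraceListener and pairs each Warning/Error event with the non-Verbose events that preceded it. The sample lines are constructed for illustration, and the function names are this example's own.

```python
import re
from collections import deque

# TextWriterTraceListener header: "<source> <level>: <id> : <message>"
HEADER = re.compile(
    r"^(?P<source>System\.Net(?:\.\w+)*) (?P<level>\w+): (?P<id>\d+) : (?P<msg>.*)$"
)
PROBLEM_LEVELS = {"Critical", "Error", "Warning"}
# Constructed sample; message text is illustrative, not captured from a real run.
SAMPLE = """\
System.Net Information: 0 : [4012] SecureChannel#1 - Left with 1 client certificates to choose from.
System.Net Information: 0 : [4012] SecureChannel#1 - Certificate is of type X509Certificate2 and contains the private key.
System.Net.Sockets Verbose: 0 : [4012] 00000000 : 16 03 01 00 41 01 00 00-3D 03 01
System.Net.Sockets Error: 0 : [4012] Exception in the Socket#2::Receive - An existing connection was forcibly closed by the remote host
System.Net Error: 0 : [4012] Exception in the HttpWebRequest#3:: - The underlying connection was closed: An unexpected error occurred on a send.
""".splitlines()

def parse(lines):
    """Yield one dict per trace event; lines without a header are continuations."""
    event = None
    for raw in lines:
        match = HEADER.match(raw.rstrip("\r\n"))
        if match:
            if event:
                yield event
            event = match.groupdict()
        elif event and raw.strip():
            event["msg"] += "\n" + raw.strip()
    if event:
        yield event

def triage(lines, context=2):
    """Pair each Warning/Error/Critical event with the last `context`
    non-Verbose events before it, skipping the socket byte dumps."""
    recent = deque(maxlen=context)
    findings = []
    for event in parse(lines):
        if event["level"] in PROBLEM_LEVELS:
            findings.append((list(recent), event))
        if event["level"] != "Verbose":
            recent.append(event)
    return findings

if __name__ == "__main__":
    for before, problem in triage(SAMPLE):
        for event in before:
            print("   ", event["level"], "|", event["msg"])
        print(">>>", problem["source"], problem["level"], "|", problem["msg"], "\n")
```

Verbose System.Net traces include payload bytes (up to maxdatasize per entry), so handle trace.log as sensitive data.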

4 Responses


  1. My Visual Web Developer studio underlined the following part:
    maxdatasize="1024"
    Indicating that maxdatasize attribute is not declared.
    I just removed it from the code and it worked fine.

    Izzeddeen

    May 14, 2008 at 00:31

    • This is just an IntelliSense issue. The trace provider will still receive the attribute and react. It won’t really affect things having it there (IntelliSense will just show the false error) or not (it’ll log in a different batch size).

      Tatham Oddie

      September 9, 2011 at 11:19

  2. Hi Mr. Oddie

    My VS 2010 Professional didn’t like the ‘maxdatasize’ attribute either. However, after compiling and running my app – a dll – I don’t see anywhere in my file system such a ‘trace.log’ file.

    Do you/anyone know/s why? A reply would be greatly appreciated.

    Salvador

    May 13, 2011 at 13:23

    • You can change trace.log in the config to point to an absolute path like c:\temp\trace.log if you want. Sometimes the relative path can be a bit hard to track down based on how the app is loaded.

      Tatham Oddie

      September 9, 2011 at 11:18

