Debugging SSL/TLS problems in .NET
In my previous post I discussed some issues I discovered with SSL client certificates.
For this application, I’m dealing with PayPal. Rather annoyingly, if your client certificate doesn’t check out, they don’t even bother sending an error – they just drop the TCP connection mid-SSL-handshake. Depending on how fast the connection loss is realised, .NET can return a few different errors, none of which are actually much use when it comes to debugging.
Luckily, System.Net (as with most other areas of the framework) has wonderful tracing capabilities. Particularly with a complex process like an SSL handshake, these capabilities become critical to debugging.
Better yet – they’re incredibly easy to use. Just add a block like this to the end of your app.config, just before the closing </configuration> tag!
<system.diagnostics>
  <!-- Flush after every write so the log is complete even if the app dies mid-handshake -->
  <trace autoflush="true"/>
  <sources>
    <!-- maxdatasize caps the bytes of network data included in each trace line -->
    <source name="System.Net" maxdatasize="1024">
      <listeners>
        <add name="TraceFile"/>
      </listeners>
    </source>
    <source name="System.Net.Sockets" maxdatasize="1024">
      <listeners>
        <add name="TraceFile"/>
      </listeners>
    </source>
  </sources>
  <!-- Both sources write to the same file, relative to the working directory -->
  <sharedListeners>
    <add name="TraceFile" type="System.Diagnostics.TextWriterTraceListener"
         initializeData="trace.log"/>
  </sharedListeners>
  <switches>
    <add name="System.Net" value="Verbose" />
    <add name="System.Net.Sockets" value="Verbose" />
  </switches>
</system.diagnostics>
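Now, run your app again and take a look at the wonderful lines being added to your bin\Debug\trace.log file. At the Verbose level the trace includes the network data itself (up to maxdatasize bytes per trace line), so take the block back out once you have finished debugging.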




My Visual Web Developer studio underlined the following part:
maxdatasize="1024"
Indicating that maxdatasize attribute is not declared.
I just removed it from the code and it worked fine.
Izzeddeen
May 14, 2008 at 00:31