Skip to content
December 1, 2018 / kiranpatils

Toolcore publishing fix for TLS 1.2

Challenge:

We love automation and so as our clients. For almost all our clients, We do automatic deployment. Using Teamcity and Octopus.

As you know Sitecore automatic deployment is not easy, it involves the lot of things like ASP.NET MVC Files, DLLs, Sitecore Items, and Sitecore publishing. For Sitecore publishing we use : http://fortis.ws/fortis-collection/toolcore/publishing/

Which works best. But recently it was failing and we started getting error related to TLS after integrating it with Sitecore 9.0.2 installation deployed on Azure App Service.

You are also facing same error with Toolcore Publishing module? Then this post is for you!

Solution:

We did quick search and came across this SO thread — Which has some pointers for solution : https://sitecore.stackexchange.com/questions/13706/all-sitecore-8-2-x-azure-topologies-seem-to-be-effected-because-of-tls-issues

Microsoft disabled support of TLS 1.0 on App Services recently (https://social.msdn.microsoft.com/Forums/en-US/9dace9cb-a1a8-4f77-af26-324bc2b6740e/tls-plans-for-azure-app-service?forum=windowsazurewebsitespreviewenter link description here)

Technical details can be found here: Transport Layer Security (TLS) best practices with the .NET Framework

https://kb.sitecore.net/articles/688903

Any .Net call relying on TLS 1.0 is leading to authentication issues on Azure App Services:
Exception
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. --->
System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. --->
System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host.

We tried switching our Azure App service to TLS 1.0 and it worked!

I know, You must be thinking this is not the best solution. And so, as we!

You might have noticed from above links that, If any application is making HttpRequest using .NET HttpRequest class and using TLS 1.0 then it won’t work. And Solution is either changing code (ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12) and using TLS 1.2 or compile your application using >=.NET Framework 4.6.0 version and above as it uses TLS 1.2 by default. This makes perfect sense!

But how does it impat Toolcore publishing? After digging bit we understood that FortisCollections.Toolcore.Publish.Service has .asmx web service which is deployed on Sitecore CM Server and FortisCollections.Toolcore.Publish.Runner console application has Proxy which is invoked.

This was Eureka moment!

Thought to check with Jason (repo contributor) via github : https://github.com/Fortis-Collection/Toolcore/issues/5

And parallely thought to fix it by forking it and compiling it with new version — And it worked!

Obviously, So, as you I got busy after that and never got a chance to share it back with larger community. Couple of days back, one of my colleague, reached out to me requesting compiled DLL package and that was a moment, I realized this weekend. Have to share it with larger world!

PR Created : https://github.com/Fortis-Collection/Toolcore/pulls and waiting for Jason to approve. But till then you can use it if you are also facing similar issue!

Hope you go home after fixing this! 🙂




Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: