EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Timeout trying to check CRL in Windows Phone 7

Posted: 06/05/2014 07:52:17
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

We are developing an app for Windows Phone 7 and Windows Phone 8 that verifies several certificates used in the SSL connections.
While testing it, we've encounter that in Windows Phone 7 we get this exception:

Exception occured
assembly file version:
exception ocurred: 05/06/2014 10:43:08
Network.NetworkException: No response received from the server ---> SBSocket.EElSocketError: Connection timeout (error code is 96270)

After further investigation we've seen that if we set the checkCRL property to false from the certificate validator, it doesn't raise that exception any more.
This only happens in windows phone 7, as in WP8 seems to work fine (whether we disable the CRL check or not).
Could it be a bug from the library? Is there something else we could check?
Thanks in advance
Posted: 06/05/2014 08:01:16
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

What you can to is to increase timeout. This can be done inside TElX509CertificateValidator.OnBeforeCRLRetrieverUse event handler. You should check the type of its Retriever parameter and

1) if its TElLDAPCRLRetriever, then change its TElLDAPCRLRetriever.LDAPSClient.ReceiveTimeout property;
2) if its TElHTTPCRLRetriever then change TElHTTPCRLRetriever.HTTPClient.SocketTimeout property.
Posted: 06/10/2014 03:34:57
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Hi Vsevolod,

I've tried your solution, increasing the timeout time to 60 seconds, but it still crashes throwing the same exception.
While debugging I've seen that in a Windows Phone 7 device it calls OnBeforeCRLRetrieverUse and then almost inmediatly OnCRLError (and the exception is thrown). However if I try it in a Windows Phone 8 device, it works fine, that is it calls OnBeforeCRLRetrieverUse and then OnCRLRetrieved and of course no exception.

Could it be a bug in the Library? It only happens in windows phone 7 devices, but we need to support both.

Thanks again.
Posted: 06/10/2014 03:46:47
by Vsevolod Ievgiienko (Team)

Is code for both targets the same? Its possible that you didn't initialize CRL retrievers for Windows Phone 7.
Posted: 06/10/2014 04:08:30
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Yes the code is the same for both platforms
Posted: 06/10/2014 04:35:07
by Ken Ivanov (Team)

Hi Jochem,

The problem apparently has connectivity-related roots. Could you please check if your Windows 7 device can actually make HTTP requests to the outer world? Just create an instance of TElHTTPSClient in your code and check if Get() to some 'www.google.com' works out. Knowing the outcome of that we could decide on the direction of the investigation.

Posted: 06/10/2014 04:36:55
by Eugene Mayevski (Team)

To answer your question about a "bug" - there can be no "bug" as such because the compiled code is the same. There's something specific to WP7.

Let's try to re-check your requirements. What is the exact version of WP7 that you use - is it 7.0, 7.1/7.5, 7.8 ?

Sincerely yours
Eugene Mayevski
Posted: 06/10/2014 04:37:30
by Ken Ivanov (Team)

And a quick follow-up question - where exactly does the CRL in problem reside? Is it a web or a LDAP responder; if it's the former, is that an HTTP or HTTPS resource?
Posted: 06/10/2014 04:49:42
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Thanks for all your help.

I've tried in 5-6 different devices with all WP7 versions from 7.0 to 7.8.
If I do a get request to google, as suggested above, I have no problems with it.
I's a HTTPS resource.

If I disable the CRL check, then it works just fine. In WP8 also works fine in different devices.
Posted: 06/10/2014 07:25:19
by Ken Ivanov (Team)

Thank you for the details. Could you catch a call stack of the exception for us please?



Topic viewed 1960 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!