Solution for “None of the cipher suites supported by the client application are supported by the server”

My SSL requests failed when the client was Windows Server 2003, and the server (a win7 box) showed this error in the event log:

An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

I spent days trying to fix it, trying about twenty different things. In the end, the real solution was to generate the SSL certificates again from scratch, this time forcing RSA and SHA1 (though SHA1 should be the default anyway). I used:

makecert -pe -r -ss my -sr localMachine -n “CN=[domain name or IP address]” -e 01/01/2099 -a sha1 -eku 1.3.6.1.5.5.7.3.1 -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12

Here is what all the switches mean:

-pe include private key

-r self-signed

-ss my put cert into “Personal” certificate store

-sr localMachine use local machine’s cert stores (not current user’s)

-n common name (external IP or domain name of server)

-e expiry date

-a sha1 use SHA1

-eku 1.3.6.1.5.5.7.3.1 enhanced key usage Object Identifier (OID) for “SSL server certificate”

-sky exchange cert is for key exchange

-sp “Microsoft RSA SChannel Cryptographic Provider” use RSA

-sy 12 CryptoAPI provider type

For some reason Win Server 2k3 couldn’t or wouldn’t use the right ciphers with a default makecert certificate.

Hope this helps someone.

Advertisements

Use Winmerge with AnkhSVN

That’s not a suggestion.

If you use AnkhSVN but haven’t already set up AnkhSVN to use Winmerge for merging and comparing, do it immediately (it’s much better than the default tool, and it’s free):

  1. Install Winmerge
  2. Open up Visual Studio and choose Tools > Options.
  3. Expand Source Control (if you can’t see it, make sure you have “show all settings” ticked)
  4. Choose Subversion User Tools
  5. For External Diff Tool and External Merge Tool, choose Winmerge.

Now you can diff and merge files (and whole folders – handy when production and source control get out of sync!) easily:

Hint: hold ALT and use the arrow keys. Up and down move you between changes, left and right copies the change from one document to the other. This allows you to find and merge the changes you need in seconds.

ASP.NET AJAX Scriptmanager error

I recently had a problem using ASP.NET AJAX where I got an error message something like this:

The base class includes the field ‘ScriptManager1’, but its type (System.Web.UI.ScriptManager) is not compatible with the type of control (System.Web.UI.ScriptManager).

I had no idea how a particular type could be incompatible with itself, so I checked Stack Overflow (easily the best question and answer site for programmers). I found a question about this problem, but none of the existing answers worked for me. I googled around a bit, and eventually solved the problem. So here’s the answer for anyone else who might have this problem:

I managed to fix it by adding this to web.config:

<runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
        <dependentAssembly>
            <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
                <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
        </dependentAssembly>
        <dependentAssembly>
            <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
            <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
        </dependentAssembly>
    </assemblyBinding>
</runtime>

I believe it forces the .net runtime to use the new versions of those assemblies.

I added this to the Stack Overflow question too, for posterity. That’s one of the cool things about Stack Exchange sites, the platform encourages questions to be solved properly, once and for all, and then easily found by anyone coming later.

Obviously it helped a lot of people – my answer fast became the top answer (by far) and I earned the rare “necromancer” badge for resurrecting an old question with a popular answer.

So there you go: if you found this through searching for answers to the above problem, I hope I’ve helped you solve it. If you’re in need of answers for programming, or a heap of other things, see if there’s a stack exchange site for you. If not, propose one.