
.NET application very slow to start - cryptnet.dll trying to access IP in Bermuda

Tags:

c#

I've built a .NET console application which worked fine for several years. Since November 23, it takes a huge amount of time to start (15 seconds) when run in production (it works fine when run from Visual Studio).

I've tried to trace back what is going on with Process Monitor (ProcMon) and I've found this pattern:

  • App starts normally
  • App loads cryptnet.dll
  • App goes to sleep and I see a series of TCP Reconnect messages where the machine tries to reach 206.53.176.17 through HTTP (which seems to be in Bermuda).
  • App queries info on cryptnet.dll
  • App tries to connect to 206.53.176.78 through HTTP.

After 15 seconds, everything starts working again (I see an access to crypt32.dll as the first thing happening, then the application continues its loading).

I am completely lost: the problem is not related only to my machine, but all colleagues who are using my tool experience the same issue. This seems to have something to do with Authenticode signature verifications done while the app is being loaded.

Indeed, when trying to view the Digital Signatures of the EXE through the Explorer, clicking on Details takes 15 seconds to view the "Digital Signature Details" panel (without any error). The issuer of the certificate is defined as:

CN = QV Schweiz ICA
OU = Issuing Certificate Authority
O = QuoVadis Trustlink Schweiz AG
C = CH

and it is still valid (message says "This digital signature is OK.").

Note: The root issuer of the certificate is http://www.quovadisglobal.bm/ which happens to be in Bermuda...

asked Feb 28 '23 00:02

Pierre Arnaud


1 Answer

The checking of the digital signature on your assembly (Authenticode) is probably what is causing the delay.

Excerpt from this MSDN article:

Authenticode verification adds to the startup time. Authenticode-signed assemblies have to be verified with the certification authority (CA). This verification can be time consuming, because it can require connecting to the network several times to download current certificate revocation lists. It also makes sure that there is a full chain of valid certificates on the path to a trusted root. This can translate to several seconds of delay while the assembly is being loaded.

answered Apr 30 '23 12:04

DSO
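
One way to confirm that revocation checking is where the time goes, as an added example that is not code from the question or the answer: it builds the signer's certificate chain with revocation checking off, cache-only, and online, timing each build and printing the CRL and AIA endpoints of every chain element. It assumes Windows and takes the path of the signed EXE as its first argument; the class and method names are illustrative.

```csharp
using System;
using System.Diagnostics;
using System.Security.Cryptography.X509Certificates;

class AuthenticodeRevocationTiming
{
    static void Main(string[] args)
    {
        // args[0]: path to the Authenticode-signed EXE or DLL (supplied by the reader).
        var signer = new X509Certificate2(X509Certificate.CreateFromSignedFile(args[0]));
        Console.WriteLine("Signer: " + signer.Subject);
        Console.WriteLine("Issuer: " + signer.Issuer);

        // A large gap between NoCheck and Online points at CRL/OCSP retrieval.
        TimeChainBuild(signer, X509RevocationMode.NoCheck);
        TimeChainBuild(signer, X509RevocationMode.Offline); // cached revocation data only
        TimeChainBuild(signer, X509RevocationMode.Online);  // may contact the CA's endpoints
    }

    static void TimeChainBuild(X509Certificate2 cert, X509RevocationMode mode)
    {
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = mode;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
        chain.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(30);

        var sw = Stopwatch.StartNew();
        bool ok = chain.Build(cert);
        sw.Stop();
        Console.WriteLine("\n{0}: valid={1}, {2} ms", mode, ok, sw.ElapsedMilliseconds);

        foreach (X509ChainElement element in chain.ChainElements)
        {
            Console.WriteLine("  " + element.Certificate.Subject);
            foreach (X509Extension ext in element.Certificate.Extensions)
            {
                // 2.5.29.31 = CRL Distribution Points
                // 1.3.6.1.5.5.7.1.1 = Authority Information Access (OCSP, CA issuers)
                if (ext.Oid.Value == "2.5.29.31" || ext.Oid.Value == "1.3.6.1.5.5.7.1.1")
                    Console.WriteLine("    " + ext.Format(false));
            }
            // RevocationStatusUnknown or OfflineRevocation here means the endpoint
            // could not be reached within the timeout.
            foreach (X509ChainStatus status in element.ChainElementStatus)
                Console.WriteLine("    status: " + status.Status);
        }
    }
}
```

Windows caches downloaded CRLs, so the Online run is only slow when the cached copy is missing or expired; compare the printed endpoints with the hosts seen in the ProcMon trace.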