What could cause "The certificate key algorithm is not supported" exception on a GET web request

Question

We are trying to connect to the facebook api from a asp .net MVC 4.6 app using a standard webrequest. Everything works fine on all but one of our servers. The server in question is running windows 2012 and IIS 8.

On this particular server we get the following exception when running a GET webrequest to facebook.

The certificate key algorithm is not supported.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NotSupportedException: The certificate key algorithm is not supported.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[NotSupportedException: The certificate key algorithm is not supported.] System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) +409 System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) +213

[WebException: The underlying connection was closed: An unexpected error occurred on a send.]
System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) +894 System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar) +92

[HttpRequestException: An error occurred while sending the request.]
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +96 System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() +49

The code looks like this:

    // Request
    private static async Task<T> Request<T>(string url) where T : class
    {
        using (var handler = new WebRequestHandler())
        {
            handler.ServerCertificateValidationCallback = delegate { return true; };
            using (var client = new HttpClient(handler) { Timeout = System.TimeSpan.FromSeconds(20) })
            {
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                var result = await client.GetAsync(url);
                if (result == null) return null;
                var model = await result.Content.ReadAsAsync<T>();
                return model;
            }
        }
    }

We are scratching our heads as to why this works on all but one of our servers.

Does anyone have any ideas what might cause this error and how to resolve it.

Thanks.

Answer 1

I managed to replicate the problem and it appears to be bug in network tracing which causes X509Certificate2.ToString(true) to be set which intern throws the exception.

The only solution I have found is to delete the whole ‘System.Dianositics’ section which will disable the logging.