This was a problem, and we never found the exact answer on the web, so we'll talk about it here:
One of our builds was throwing a troublesome error
C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\Web\Microsoft.Web.Publishing.targets(4276,5): error : Web deployment task failed. (Could not complete the request to remote agent URL 'https://xxxxx:8172/msdeploy.axd'.)
Other elements of the error message:
This error indicates that you cannot connect to the server. Make sure the service URL
is correct, firewall and network settings on this computer and on the server computer are configured properly, and the appropriate services have been started on the server.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
_________________________________
These suggestions set off the usual troubleshooting: Windows firewall? Exception in place for 8172 CHECK Can we connect from the build server to the IIS target CHECK Are there known credentials, are they valid, and can you test a connection with them? CHECK
In fact, and this turned out to be a red herring: Publish from VS 2015 works!
So this implies all the publishing infrastructure is in place: WebDeploy 3.6, credentials, WMSVC...more sniffing around for something environmental
________________________________
This is what cracked it:
There was a TLS mismatch between the build server and the target. I'd start by reviewing the keys below and checking what is enabled and what is disabled:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.X
I did some syncing up in this area. But that was not sufficient and what allowed our build to start working and got us past the "forcibly closed" roadblock is the SchUseStrongCrypto reg key:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
This key forces TLS 1.2 and we had this enabled on one machine and not on the other. Syncing up these registry keys allowed the build and publish to work immediately. Simple fix, much looking.
________________________________
Duane
Comments
0 comments
Please sign in to leave a comment.