ASP.NET APIController 500 Internal Server Errors

I had a situation where locally, calling an APIController method worked fine but when I uploaded the site to an Azure service, every time I called any method I would get back a 500 Internal Server Error.  The project had a mix of standard MVC Controllers and APIControllers and the MVC Controllers worked fine but the APIControllers crashed every time.  In an attempt to figure out what was going on, I logged into the remote server and checked the IIS logs but found nothing. I could see that 500 error being returned, but got nothing from the logs or the Event Viewer.

In a normal ASP.NET MVC project you could turn off custom errors through the web.config with something like this, but that did not provide any extra information.

<customErrors mode="Off" />

After some digging, I found out that in order to return more detailed error messages from an APIController, you have to set the following setting while the application starts.  I dropped this in the Global.asax.cs Application_Start method and it provided the detailed error messages I needed.

GlobalConfiguration.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;

IIS: Disappearing SSL Certificate Problem Resolved

I followed the many different articles outlining how to import SSL certificates into IIS exactly and everything worked great except for the fact that when I navigated away from the Server Certificates window, the certificate would disappear. I could see the certificate in the server’s Personal Certificate Store using MMC (Microsoft Management Console) but it wouldn’t show up in IIS.

My problem was that the certificate that I was trying to import only contained the public key and not the private. For decryption to work correctly, the server obviously needs to have both the public and the private key. To resolve the problem I created the needed PKCS #12 Certificate File following the steps outlined here, and then clicked on the Import link (not the Complete Certificate Request… link) in the Server Certificates window in IIS.

From there simply select the .pfx file, enter the password used when creating the file, and you are good to go.

Posted in IIS, Security. Tags: , , . 19 Comments »