IIS randomly returns 413 Request Entity Too Large when uploading large files and using TLS
I have an ISAPI application running on IIS, which is meant to support uploads of files of any size. On one server, uploads seemingly randomly fail with 413 Request Entity Too Large
or time out when using HTTPS, and the only remedy seems to be setting uploadReadAheadSize
to a value larger than the uploaded file. This would, however, limit the size of uploaded files to 2GB (the maximum value of uploadReadAheadSize
), which is unacceptable.
- Windows Server 2012 (and corresponding IIS version)
- Server does NOT require client certificates (but client was probably - and unexpectedly - sending them?!)
- The problem does not occur on any other servers (and there are lots of them) where the same application is installed, and where
uploadReadAheadSize
is set to the default (49152 bytes). - The error is returned by IIS, and there is no WAF or similar intermediate component involved.
- The error occurs when sending from any host, including from the server host itself.
- The error occurs when uploading with a browser client as well as a thick client (a native Windows application).
- Shortening the request body actually does prevent the error from occurring.
- The identical request can fail or succeed (e.g., when replayed with Fiddler)
What could possibly be causing this, and how should I go about debugging this?
(NOTE: I have seen several similar questions on StackOverflow and here, but in those scenarios, either client certificates are meant to be used, or the application is based on WCF - which ours isn't - or the problem was not independent of uploadReadAheadSize
or TLS)
Also, what is a good source for understanding what uploadReadAheadSize
actually does and what is happening "under the hood"? Microsoft's official documentation is rather sparse.
Got a similar error on IIS Express with Visual Studio 2017 and it actually was uploadReadAheadSize
.
Error:
HTTP Error 413.0 - Request Entity Too Large
The page was not displayed because the request entity is too large.
Most likely causes:
The Web server is refusing to service the request because the request entity is too large.
The Web server cannot service the request because it is trying to negotiate a client certificate but the request entity is too large.
The request URL or the physical mapping to the URL (i.e., the physical file system path to the URL's content) is too long.
Things you can try:
Verify that the request is valid.
If using client certificates, try:
Increasing system.webServer/serverRuntime@uploadReadAheadSize
Configure your SSL endpoint to negotiate client certificates as part of the initial SSL handshake. (netsh http add sslcert ... clientcertnegotiation=enable) .vs\config\applicationhost.config
Added solution here but the same principal can be used for a real IIS as well. Edit \.vs\config\applicationhost.config
. Switch serverRuntime
from Deny
to Allow
like this:
<section name="serverRuntime" overrideModeDefault="Allow" />
Then edit Web.config
with the following values:
<system.webServer>
<serverRuntime uploadReadAheadSize="10485760" />
...