In terms of performance, the above suggestion actually has the potential to significantly increase your memory consumption and negatively impact your application.
I came across the exact same issue early this year, and initially thought that your suggestion above would be an obvious way to solve it.
Unfortunately, further reading revealed the knock-on effects of ramping up the sizes as suggested.
The answer came partially from this post:
https://forums.iis.net/t/1161838.aspx
Basically, what you need to do is force the server to negotiate the client certificate *before* it does anything else, and that way your server won't complain about being unable to buffer the request body as it will already have done the negotiation.
Here are the steps to follow:
1) Open a command prompt
2) Run netsh http show sslcert
3) Note down the Certificate Hash and Application ID values for your app (typically running on port 443 or similar)
4) Delete the existing certificate binding for port 443 (or whichever port you're using)
netsh http delete sslcert ipport=0.0.0.0:443
5) Re-create the port binding using the same certificate hash and application id that you noted in step 3, ensuring the appid is enclosed in braces as shown in the example below.
Caution - below is an example - you need to substitute the certhash and appid before executing
netsh http add sslcert ipport=0.0.0.0:443 certhash=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx appid={xxxxx-xxxxx-xxxx-xxxx-xxxxxx} certstorename=WebHosting verifyclientcertrevocation=enable VerifyRevocationWithCachedClientCertOnly=disable UsageCheck=Enable clientcertnegotiation=enable
6) Run netsh http show sslcert
7) Validate that the Negotiate Client Certificate setting for the port is now enabled.
You should then find you can submit your request without having to do anything else at all 🙂
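
The following PowerShell sketch is an added example, not part of the original post: it records each binding's hash and application ID from the "netsh http show sslcert" text before anything is deleted, and prints (without running) the delete and add commands from steps 4 and 5 for bindings where Negotiate Client Certificate is not enabled. The function name ConvertFrom-NetshSslCert is hypothetical, the sample output is constructed with placeholder values, and English-language netsh output is assumed.

```powershell
# Added example: turn "netsh http show sslcert" text into one object per binding.
# Assumes English-language netsh output.
function ConvertFrom-NetshSslCert {
    param([Parameter(Mandatory)][string[]]$Lines)
    $bindings = [System.Collections.Generic.List[object]]::new()
    $current = $null
    foreach ($line in $Lines) {
        # Settings are indented "Name : Value" lines; headings and blanks are skipped.
        if ($line -notmatch '^\s+(?<name>.+?)\s+:\s(?<value>.*)$') { continue }
        $name  = $Matches['name']
        $value = $Matches['value'].Trim()
        if ($name -match '^(IP|Hostname):port$') {
            # "IP:port" or "Hostname:port" opens a new binding.
            $current = [ordered]@{ Kind = $name; Endpoint = $value }
            $bindings.Add($current)
        } elseif ($null -ne $current) {
            $current[$name] = $value
        }
    }
    $bindings | ForEach-Object { [pscustomobject]$_ }
}

# Constructed sample output; the hash and GUID are placeholders, not real values.
$sample = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 0000000000000000000000000000000000000000
    Application ID               : {00000000-0000-0000-0000-000000000000}
    Certificate Store Name       : WebHosting
    Negotiate Client Certificate : Disabled
'@ -split "`r?`n"

# On a live server use: $records = ConvertFrom-NetshSslCert -Lines (netsh http show sslcert)
$records = ConvertFrom-NetshSslCert -Lines $sample
foreach ($b in $records) {
    if ($b.'Negotiate Client Certificate' -eq 'Enabled') {
        "$($b.Endpoint): client certificate negotiation is already enabled"
        continue
    }
    # Print, without running, steps 4 and 5 filled in with the recorded values.
    $key = if ($b.Kind -eq 'IP:port') { 'ipport' } else { 'hostnameport' }
    "netsh http delete sslcert $key=$($b.Endpoint)"
    $cmd = "netsh http add sslcert $key=$($b.Endpoint) certhash=$($b.'Certificate Hash') appid=$($b.'Application ID')"
    if ($b.'Certificate Store Name' -ne '(null)') { $cmd += " certstorename=$($b.'Certificate Store Name')" }
    "$cmd clientcertnegotiation=enable"
}
```

The printed commands are in the form typed at a command prompt; if you paste them into PowerShell instead, put the appid value in quotes so the braces are passed through literally. The revocation and usage-check options shown in step 5 can be appended to the add command as needed.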