I am trying to set up our AWS-based web site to authenticate our clients using their Okta credentials.
I am getting a 500 Internal error response from Okta - see stack trace below.
Could you please tell me what could be the problem, and how I should resolve it?

Thank you for your help!

IDX10803: Unable to create to obtain configuration from: ‘’.]

HTTP response: 500 Internal Server Error
Request.HttpMethod = GET
Connection = close
Accept-Encoding = gzip, compressed
Host =
User-Agent = ELB-HealthChecker/2.0
Context.User.Identity.Name =
Request.UserHostAddress =
Request.UserHostName =
Request.UrlReferrer =
Request.Form variables:
Exception detail:
[System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host]
at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)

[System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.]
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)

Are you using your org authorization server to access the well-known endpoint? If you are using a free account / do not have API Access Management, this endpoint will not work with a custom authorization server.

I’ve also seen this error if you are not using TLS 1.2 in your .NET code.
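
A way to check both causes named in this reply from the affected server, as an added example that is not part of the original thread or Okta's own code: it enables TLS 1.2 and requests the OpenID Connect metadata document from the org authorization server and from a custom authorization server. The domain is a placeholder, and the custom authorization server named `default` is an assumption.

```csharp
using System;
using System.Net;
using System.Net.Http;

// Added diagnostic example; not code from the thread.
static class OidcMetadataProbe
{
    // Placeholder: replace with your own Okta domain.
    const string OktaDomain = "https://your-org.example";

    static readonly string[] MetadataPaths =
    {
        "/.well-known/openid-configuration",                 // org authorization server
        "/oauth2/default/.well-known/openid-configuration",  // custom authorization server (assumed name: default)
    };

    static void Main()
    {
        // Older .NET Framework targets (for example 4.5) do not enable TLS 1.2 by default.
        // Add it without removing the protocols that are already enabled.
        ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;

        using (var client = new HttpClient { Timeout = TimeSpan.FromSeconds(10) })
        {
            foreach (var path in MetadataPaths)
                Console.WriteLine("{0} -> {1}", path, Probe(client, OktaDomain + path));
        }
    }

    static string Probe(HttpClient client, string url)
    {
        try
        {
            using (var response = client.GetAsync(url).GetAwaiter().GetResult())
            {
                if (!response.IsSuccessStatusCode)
                    return "HTTP " + (int)response.StatusCode;
                var body = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
                return body.Contains("\"issuer\"") ? "OK, metadata returned" : "HTTP 200 but no issuer field";
            }
        }
        catch (Exception ex)
        {
            // A failed handshake surfaces as nested exceptions (as in the stack trace above);
            // report the innermost one.
            var root = ex.GetBaseException();
            return root.GetType().Name + ": " + root.Message;
        }
    }
}
```

Commenting out the `SecurityProtocol` line and rerunning shows whether the connection reset in the stack trace depends on the TLS version.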

Hi Okta support,
I am in the process of working with our client to figure this out. It is moving slowly.
So far, I fixed the TLS 1.2, and I learned that the client is using a return URL different from what we expect.
When I learn more, I will come back here and update this thread.
Thank you for your help!

This was resolved when we found that the return URIs were wrong.

