Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Bypass invalid SSL certificate errors when calling web services in .Net

Tags:

.net

web-services

sharepoint

Alternatively you can register a call back delegate which ignores the certification error:

...
ServicePointManager.ServerCertificateValidationCallback = MyCertHandler;
...

static bool MyCertHandler(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors error)
{
// Ignore errors
return true;
}

Like Jason S's answer:

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

I put this in my Main and look to my app.config and test if (ConfigurationManager.AppSettings["IgnoreSSLCertificates"] == "True") before calling that line of code.


I solved it this way:

Call the following just before calling your ssl webservice that cause that error:

using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

/// <summary>
/// solution for exception
/// System.Net.WebException: 
/// The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
/// </summary>
public static void BypassCertificateError()
{
    ServicePointManager.ServerCertificateValidationCallback +=

        delegate(
            Object sender1,
            X509Certificate certificate,
            X509Chain chain,
            SslPolicyErrors sslPolicyErrors)
        {
            return true;
        };
}

The approach I used when faced with this problem was to add the signer of the temporary certificate to the trusted authorities list on the computer in question.

I normally do testing with certificates created with CACERT, and adding them to my trusted authorities list worked swimmingly.

Doing it this way means you don't have to add any custom code to your application and it properly simulates what will happen when your application is deployed. As such, I think this is a superior solution to turning off the check programmatically.


I was having same error using DownloadString; and was able to make it works as below with suggestions on this page

System.Net.WebClient client = new System.Net.WebClient();            
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
string sHttpResonse = client.DownloadString(sUrl);

Related questions

How to define generic type limit to primitive types?
Memory address of an object in C#
Best practice for reconnecting SignalR 2.0 .NET client to server hub
Illustrating usage of the volatile keyword in C#
How to access Session variables and set them in javascript?
MemoryCache does not obey memory limits in configuration
Use a 'try-finally' block without a 'catch' block
Lock-free multi-threading is for real threading experts
What is the recommended batch size for SqlBulkCopy?
Read a XML (from a string) and get some fields - Problems reading XML
The current .NET SDK does not support targeting .NET Core 2.1. Either target .NET Core 2.0 or lower, or use a .NET SDK that supports .NET Core 2.1
How to access the HttpServerUtility.MapPath method in a Thread or Timer?
How do I apply OrderBy on an IQueryable using a string column name within a generic extension method?
Exception: "URI formats are not supported"
Proper naming convention for a .NET Delegate type? [closed]
Finding all positions of substring in a larger string in C#
Is it important to unit test a constructor?
What is lazy initialization and why is it useful?
WebClient.DownloadString results in mangled characters due to encoding issues, but the browser is OK
GridView must be placed inside a form tag with runat="server" even after the GridView is within a form tag

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!