Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

HTTP C# client: Could not create SSL/TLS secure channel

Tags:

c#

ssl

I am trying to use a HTTP API that works only with HTTPS.

I have the following error when sending a request "WebException: The request was aborted: Could not create SSL/TLS secure channel."

My project targets .NET Framework 4.7.1

I can connect to the server with Firefox but I had to add a security exception, I could export the .crt and install to my windows store and VS project.

ServicePointManager.ServerCertificateValidationCallback += 
    (message, cert, chain, errors) => true;
ServicePointManager.SecurityProtocol = 
    SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | 
    SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

handler = new HttpClientHandler();
client = new HttpClient(handler);

client.DefaultRequestHeaders.Add("Connection", "keep-alive");
client.DefaultRequestHeaders.Add("Cache-Control", "max-age=0");
client.DefaultRequestHeaders.Add("username", user);
client.DefaultRequestHeaders.Add("password", password);

handler.ClientCertificateOptions = ClientCertificateOption.Manual;

//handler.ClientCertificates.Add(new X509Certificate(@"./OnSSI.crt"));
handler.ServerCertificateCustomValidationCallback += 
    (message, cert, chain, errors) => true;

EDIT: Some more information form firefox about the certificate:

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128bit keys, TLS1.2
PKCS #1 MD5 With RSA Encryption

EDIT2: I think that the main problem is that the callback validation function is not called by the handler, I added a breakpoint at the return true argument and it is not hitting.

EDIT3: It seems to work with .NET core 2.0, I am still looking for a solution in .NET Framework 4.7

EDIT4: I created a .NET standard library with the code, when I use a .NET framework app to start I get the error while I don't with a .NET core app

like image 408
elpha01 Avatar asked Sep 11 '25 19:09

elpha01

1 Answers

It works setting the SecurityProtocol variable only with the Tls value, as follows :

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;

Basically, it seems .NETCORE do it implicitly by selecting native Tls version protocol. .NETFRAMEWORK is less intuitive (lesser portability requirement).

like image 166
Kal Axone Avatar answered Sep 13 '25 10:09

Kal Axone

Sign in to Comment

Related questions

How to solve a Redis timeout on client side with StackExchange.Redis?
System.Drawing.Graphics Drawimage rotates picture taken from IOS to 90 degree
Serilog JsonFormatter in an ASP.Net Core 2 not being applied from appsettings file
How can I get all string from JsonReader in ReadJson method?
Copy same file from multiple threads to multiple destinations
How to dynamically resize a textbox in C#
C# split first two in string, then keep all the rest together
Im not able to mock ServiceBusReceivedMessage and ServiceBusMessageActions
Get DeviceContext of Entire Screen with Multiple Montiors
SHA1 C# equivalent of this Java
How can I pull HTML block from a external location and render it with Razor?
Exception of type 'System.ObjectDisposedException'
Microsoft.Data.SQLite: Library e_sqlite3 not found

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!