Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WebClient + HTTPS Issues

I am currently integrating with a system created by a 3rd party. This system requires me to send a request using XML/HTTPS. The 3rd party send me the certificate and I installed it

I use the following code:

using (WebClient client = new WebClient()) {    client.Headers.Add(HttpRequestHeader.ContentType, "text/xml");     System.Text.ASCIIEncoding  encoding=new System.Text.ASCIIEncoding();    var response = client.UploadData(address, "POST", encoding.GetBytes(msg)); } 

This code returns the following WebException:

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

UPDATE Because it's a test server I am working against, the certificate isn't trusted and validation fails... To bypass this in test/debug environment, create a new ServerCertificateValidationCallback

ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(bypassAllCertificateStuff); 

and here is my "fake" callback

private static bool bypassAllCertificateStuff(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error) {    return true; } 

Read more here and here

like image 718
rudigrobler Avatar asked Feb 11 '09 11:02

rudigrobler


2 Answers

The shortest notation of the code to allow all certificates is actually:

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; }; 

And works well for this error. Needless to say that you should provide an implementation which actually checks the certificate and decides based on the certificate information if the communication is safe. For test purposes, use the above line of code.

like image 108
Koen Zomers Avatar answered Sep 20 '22 23:09

Koen Zomers


For the VB.NET version of the original answer, here you go (converters don't work well when needing to wire up events with the 'AddressOf' operator). 1st code that goes before using a WebClient() or HttpWebRequest() object:

ServicePointManager.ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf bypassAllCertificateStuff) 

..and the wired up method code:

Private Shared Function bypassAllCertificateStuff(ByVal sender As Object, ByVal cert As X509Certificate, ByVal chain As X509Chain, ByVal [error] As System.Net.Security.SslPolicyErrors) As Boolean     Return True End Function 
like image 33
atconway Avatar answered Sep 20 '22 23:09

atconway