Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3453
  • Last Modified:

How to accept ssl cert automatically through httpRequest?

Hi

I use the code to get the xml return from a web service.

It throws exception:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

How can I code it in VC# to automatically accept the cert?

I use ASP.NET and C#.

WebRequest request = WebRequest.Create(url);
WebResponse response = request.GetResponse();

Open in new window

0
techques
Asked:
techques
  • 5
  • 4
1 Solution
 
GiftsonDJohnCommented:
If the SSL certificate is not valid it will throw the error. You can override the Certificate Check by using following code.
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(CheckServerCertificateValid);
 
private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
        {
            if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
            {
 
                return true;
 
            }
 
            return false;
 
        }

Open in new window

0
 
GiftsonDJohnCommented:
I have did a validation check to bypass the certificate only from a desired server. If you want to enable all certificates, just ignore the conditions. The value for the certificate validation can be obtained from your certificate properties.
0
 
techquesAuthor Commented:
The type or namespace name 'X509Certificate' could not be found (are you missing a using directive or an assembly reference?)
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 
GiftsonDJohnCommented:
please include

using System.Security.Cryptography.X509Certificates;
0
 
techquesAuthor Commented:
yes, i included using System.Security.Cryptography.X509Certificates;

The type or namespace name 'SslPolicyErrors' could not be found

0
 
techquesAuthor Commented:
I added
using System.Net.Security and it can compile. However, when I run your code, it throws the same error:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure

It did not bypass the cert.
0
 
GiftsonDJohnCommented:
Can you please post the code?
0
 
techquesAuthor Commented:
Here is the code:

string h = "https://Hostmachine/csdb/servlet/Check?MSISDN="+me+"&Username=username&Password=password";

was tested with real ip, username and password
    private string Check(string me)
    {
        string h = "https://Hostmachine/servlet/Check?MSISDN="+me+"&Username=username&Password=password";
        ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(CheckServerCertificateValid);
 
        WebRequest request = WebRequest.Create(h);
        WebResponse response = request.GetResponse();
 
        Stream s = response.GetResponseStream();
        StreamReader sreader = new StreamReader(s);
        String str = sreader.ReadToEnd();
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(str);
        XmlNode node = doc.SelectSingleNode("//sourcecode");
        string str_code = node.InnerText;
        string str_num = "";
 
        if (str_code.Equals("500"))
        {
            str_num = "505";
        }
        return str_num;
    }
 
    private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {
        if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
        {
            return true;
        }
        return false;
    }

Open in new window

0
 
GiftsonDJohnCommented:
Okay here is the problem.

 private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {
        if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
        {
            return true;
        }
        return false;
    }

the cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx") should match your certificate signature. else ignore the condition. simply use

private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {      
            return true;    
    }

0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now