Solved

How to accept ssl cert automatically through httpRequest?

Posted on 2009-04-07
9
3,414 Views
Last Modified: 2013-12-17
Hi

I use the code to get the xml return from a web service.

It throws exception:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

How can I code it in VC# to automatically accept the cert?

I use ASP.NET and C#.

WebRequest request = WebRequest.Create(url);
WebResponse response = request.GetResponse();

Open in new window

0
Comment
Question by:techques
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24094356
If the SSL certificate is not valid it will throw the error. You can override the Certificate Check by using following code.
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(CheckServerCertificateValid);
 
private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
        {
            if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
            {
 
                return true;
 
            }
 
            return false;
 
        }

Open in new window

0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24094364
I have did a validation check to bypass the certificate only from a desired server. If you want to enable all certificates, just ignore the conditions. The value for the certificate validation can be obtained from your certificate properties.
0
 

Author Comment

by:techques
ID: 24094372
The type or namespace name 'X509Certificate' could not be found (are you missing a using directive or an assembly reference?)
0
Get Actionable Data from Your Monitoring Solution

Your communication platform is only as good as the relevance of the information you send. Ensure your alerts get to the right people every time with actionable responses. Create escalation rules that ensure everyone follows the process and nothing is left to chance.

 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24094598
please include

using System.Security.Cryptography.X509Certificates;
0
 

Author Comment

by:techques
ID: 24094738
yes, i included using System.Security.Cryptography.X509Certificates;

The type or namespace name 'SslPolicyErrors' could not be found

0
 

Author Comment

by:techques
ID: 24094891
I added
using System.Net.Security and it can compile. However, when I run your code, it throws the same error:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure

It did not bypass the cert.
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24094927
Can you please post the code?
0
 

Author Comment

by:techques
ID: 24095010
Here is the code:

string h = "https://Hostmachine/csdb/servlet/Check?MSISDN="+me+"&Username=username&Password=password";

was tested with real ip, username and password
    private string Check(string me)
    {
        string h = "https://Hostmachine/servlet/Check?MSISDN="+me+"&Username=username&Password=password";
        ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(CheckServerCertificateValid);
 
        WebRequest request = WebRequest.Create(h);
        WebResponse response = request.GetResponse();
 
        Stream s = response.GetResponseStream();
        StreamReader sreader = new StreamReader(s);
        String str = sreader.ReadToEnd();
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(str);
        XmlNode node = doc.SelectSingleNode("//sourcecode");
        string str_code = node.InnerText;
        string str_num = "";
 
        if (str_code.Equals("500"))
        {
            str_num = "505";
        }
        return str_num;
    }
 
    private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {
        if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
        {
            return true;
        }
        return false;
    }

Open in new window

0
 
LVL 14

Accepted Solution

by:
GiftsonDJohn earned 50 total points
ID: 24095100
Okay here is the problem.

 private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {
        if (cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx"))
        {
            return true;
        }
        return false;
    }

the cert.Subject.Equals("CN=xxxx, OU=xxxx, O=xxxx, L=xxxx, S=xx, C=xx") should match your certificate signature. else ignore the condition. simply use

private static bool CheckServerCertificateValid(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors error)
    {      
            return true;    
    }

0

Featured Post

Containers & Docker to Create a Powerful Team

Containers are an incredibly powerful technology that can provide you and/or your engineering team with huge productivity gains. Using containers, you can deploy, back up, replicate, and move apps and their dependencies quickly and easily.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question