Solved

SSL NOMATCH issue when using proxies in HTTP request

Posted on 2009-06-26
7
1,003 Views
Last Modified: 2012-06-27
     This warning may be caused by using an IP address or a hostname that differs from that found in the certificate.
      WinVerifyTrustWarning: CERT_E_CN_NO_MATCH
      Status = 0x800b010f
      (warning) SSL Server Certificate not verified.


Basically, the IP in the SSL certificate is not the same as the IP of the proxy that it is going through... This causes the SSL certificate to go unverified when communicating with webg services.

I am using the CHILKAT HTTP class.

I would love to find out why this is happening. It always happens when connecting to any SSL HTTPS link.
Dim prxip As String = proxinf(0)
        Dim prxport As String = proxinf(1)
        If RadSocks.Checked = True Then
            http.SocksHostname = prxip
            http.SocksPort = prxport
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = Nothing
        Else
            http.ProxyDomain = prxip
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = prxport
        End If
 
        If Me.ChkSSL.Checked = True Then
            Dim req As New HttpRequest()
            Dim resp As New HttpResponse()
            resp = http.SynchronousRequest("https://www.google.com", 443, True, req)
        Else
            http.QuickGetStr("http://www.google.com/")
        End If

Open in new window

0
Comment
Question by:Idkfawin32
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 250 total points
ID: 24726694
Hello,

according to

http://msdn.microsoft.com/en-us/library/bb648706(VS.85).aspx

Match the CN and the device address. For example, if the operating system is connecting to https://mydevice.contoso.com:5358/, then the CN of the server certificate must be mydevice.contoso.com.

Also

this issue is further discussed in

http://stackoverflow.com/questions/799272/why-cant-one-ssl-certificate-be-used-for-multiple-machines

it seems to me, your proxy servers must probably have a root certificate installed, ex. blah.com instead of host.blah.com

Hope this helps

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24755946
any luck?
0
 

Author Comment

by:Idkfawin32
ID: 24757437
No luck, I just switched my entire application over to normal .Net HTTPWebRequests
0
Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

 
LVL 9

Expert Comment

by:jfer0x01
ID: 24806812
Did switching to .Net Web Requests improve your situation?
0
 

Author Comment

by:Idkfawin32
ID: 24807463
Yes, it resolved the issue. It was a huge pain but it solved everything.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24812129
Ok,

i guess you can close question then

Jfer
0
 

Author Closing Comment

by:Idkfawin32
ID: 31597081
The solution wasn't exactly a solution but it did lead me to the answer and that is good enough for me.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Parsing a CSV file is a task that we are confronted with regularly, and although there are a vast number of means to do this, as a newbie, the field can be confusing and the tools can seem complex. A simple solution to parsing a customized CSV fi…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question