Solved

SSL NOMATCH issue when using proxies in HTTP request

Posted on 2009-06-26
7
979 Views
Last Modified: 2012-06-27
     This warning may be caused by using an IP address or a hostname that differs from that found in the certificate.
      WinVerifyTrustWarning: CERT_E_CN_NO_MATCH
      Status = 0x800b010f
      (warning) SSL Server Certificate not verified.


Basically, the IP in the SSL certificate is not the same as the IP of the proxy that it is going through... This causes the SSL certificate to go unverified when communicating with webg services.

I am using the CHILKAT HTTP class.

I would love to find out why this is happening. It always happens when connecting to any SSL HTTPS link.
Dim prxip As String = proxinf(0)
        Dim prxport As String = proxinf(1)
        If RadSocks.Checked = True Then
            http.SocksHostname = prxip
            http.SocksPort = prxport
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = Nothing
        Else
            http.ProxyDomain = prxip
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = prxport
        End If
 
        If Me.ChkSSL.Checked = True Then
            Dim req As New HttpRequest()
            Dim resp As New HttpResponse()
            resp = http.SynchronousRequest("https://www.google.com", 443, True, req)
        Else
            http.QuickGetStr("http://www.google.com/")
        End If

Open in new window

0
Comment
Question by:Idkfawin32
  • 4
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 250 total points
ID: 24726694
Hello,

according to

http://msdn.microsoft.com/en-us/library/bb648706(VS.85).aspx

Match the CN and the device address. For example, if the operating system is connecting to https://mydevice.contoso.com:5358/, then the CN of the server certificate must be mydevice.contoso.com.

Also

this issue is further discussed in

http://stackoverflow.com/questions/799272/why-cant-one-ssl-certificate-be-used-for-multiple-machines

it seems to me, your proxy servers must probably have a root certificate installed, ex. blah.com instead of host.blah.com

Hope this helps

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24755946
any luck?
0
 

Author Comment

by:Idkfawin32
ID: 24757437
No luck, I just switched my entire application over to normal .Net HTTPWebRequests
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 9

Expert Comment

by:jfer0x01
ID: 24806812
Did switching to .Net Web Requests improve your situation?
0
 

Author Comment

by:Idkfawin32
ID: 24807463
Yes, it resolved the issue. It was a huge pain but it solved everything.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24812129
Ok,

i guess you can close question then

Jfer
0
 

Author Closing Comment

by:Idkfawin32
ID: 31597081
The solution wasn't exactly a solution but it did lead me to the answer and that is good enough for me.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword This article was written many years ago, in the days when PHP supported the MySQL extension (http://php.net/manual/en/function.mysql-connect.php).  Today (http://php.net/manual/en/migration70.removed-exts-sapis.php) you would not use MySQL…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question