Solved

SSL NOMATCH issue when using proxies in HTTP request

Posted on 2009-06-26
7
967 Views
Last Modified: 2012-06-27
     This warning may be caused by using an IP address or a hostname that differs from that found in the certificate.
      WinVerifyTrustWarning: CERT_E_CN_NO_MATCH
      Status = 0x800b010f
      (warning) SSL Server Certificate not verified.


Basically, the IP in the SSL certificate is not the same as the IP of the proxy that it is going through... This causes the SSL certificate to go unverified when communicating with webg services.

I am using the CHILKAT HTTP class.

I would love to find out why this is happening. It always happens when connecting to any SSL HTTPS link.
Dim prxip As String = proxinf(0)
        Dim prxport As String = proxinf(1)
        If RadSocks.Checked = True Then
            http.SocksHostname = prxip
            http.SocksPort = prxport
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = Nothing
        Else
            http.ProxyDomain = prxip
            http.ConnectTimeout = Me.NumTim.Value
            http.ProxyPort = prxport
        End If
 
        If Me.ChkSSL.Checked = True Then
            Dim req As New HttpRequest()
            Dim resp As New HttpResponse()
            resp = http.SynchronousRequest("https://www.google.com", 443, True, req)
        Else
            http.QuickGetStr("http://www.google.com/")
        End If

Open in new window

0
Comment
Question by:Idkfawin32
  • 4
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 250 total points
ID: 24726694
Hello,

according to

http://msdn.microsoft.com/en-us/library/bb648706(VS.85).aspx

Match the CN and the device address. For example, if the operating system is connecting to https://mydevice.contoso.com:5358/, then the CN of the server certificate must be mydevice.contoso.com.

Also

this issue is further discussed in

http://stackoverflow.com/questions/799272/why-cant-one-ssl-certificate-be-used-for-multiple-machines

it seems to me, your proxy servers must probably have a root certificate installed, ex. blah.com instead of host.blah.com

Hope this helps

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24755946
any luck?
0
 

Author Comment

by:Idkfawin32
ID: 24757437
No luck, I just switched my entire application over to normal .Net HTTPWebRequests
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 9

Expert Comment

by:jfer0x01
ID: 24806812
Did switching to .Net Web Requests improve your situation?
0
 

Author Comment

by:Idkfawin32
ID: 24807463
Yes, it resolved the issue. It was a huge pain but it solved everything.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24812129
Ok,

i guess you can close question then

Jfer
0
 

Author Closing Comment

by:Idkfawin32
ID: 31597081
The solution wasn't exactly a solution but it did lead me to the answer and that is good enough for me.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Both Easy and Powerful How easy is PHP? http://lmgtfy.com?q=how+easy+is+php  Very easy.  It has been described as "a programming language even my grandmother can use." How powerful is PHP?  http://en.wikipedia.org/wiki/PHP  Very powerful.  But a…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now