Solved

SSL NOMATCH issue when using proxies in HTTP request

Posted on 2009-06-26
7
959 Views
Last Modified: 2012-06-27
     This warning may be caused by using an IP address or a hostname that differs from that found in the certificate.
      WinVerifyTrustWarning: CERT_E_CN_NO_MATCH
      Status = 0x800b010f
      (warning) SSL Server Certificate not verified.


Basically, the IP in the SSL certificate is not the same as the IP of the proxy that it is going through... This causes the SSL certificate to go unverified when communicating with webg services.

I am using the CHILKAT HTTP class.

I would love to find out why this is happening. It always happens when connecting to any SSL HTTPS link.
Dim prxip As String = proxinf(0)

        Dim prxport As String = proxinf(1)

        If RadSocks.Checked = True Then

            http.SocksHostname = prxip

            http.SocksPort = prxport

            http.ConnectTimeout = Me.NumTim.Value

            http.ProxyPort = Nothing

        Else

            http.ProxyDomain = prxip

            http.ConnectTimeout = Me.NumTim.Value

            http.ProxyPort = prxport

        End If

 

        If Me.ChkSSL.Checked = True Then

            Dim req As New HttpRequest()

            Dim resp As New HttpResponse()

            resp = http.SynchronousRequest("https://www.google.com", 443, True, req)

        Else

            http.QuickGetStr("http://www.google.com/")

        End If

Open in new window

0
Comment
Question by:Idkfawin32
  • 4
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 250 total points
ID: 24726694
Hello,

according to

http://msdn.microsoft.com/en-us/library/bb648706(VS.85).aspx

Match the CN and the device address. For example, if the operating system is connecting to https://mydevice.contoso.com:5358/, then the CN of the server certificate must be mydevice.contoso.com.

Also

this issue is further discussed in

http://stackoverflow.com/questions/799272/why-cant-one-ssl-certificate-be-used-for-multiple-machines

it seems to me, your proxy servers must probably have a root certificate installed, ex. blah.com instead of host.blah.com

Hope this helps

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24755946
any luck?
0
 

Author Comment

by:Idkfawin32
ID: 24757437
No luck, I just switched my entire application over to normal .Net HTTPWebRequests
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 9

Expert Comment

by:jfer0x01
ID: 24806812
Did switching to .Net Web Requests improve your situation?
0
 

Author Comment

by:Idkfawin32
ID: 24807463
Yes, it resolved the issue. It was a huge pain but it solved everything.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24812129
Ok,

i guess you can close question then

Jfer
0
 

Author Closing Comment

by:Idkfawin32
ID: 31597081
The solution wasn't exactly a solution but it did lead me to the answer and that is good enough for me.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Foreword In the years since this article was written, numerous hacking attacks have targeted password-protected web sites.  The storage of client passwords has become a subject of much discussion, some of it useful and some of it misguided.  Of cou…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now