SyntaxFix

[.net] Bypass invalid SSL certificate errors when calling web services in .Net

We are setting up a new SharePoint for which we don't have a valid SSL certificate yet. I would like to call the Lists web service on it to retrieve some meta data about the setup. However, when I try to do this, I get the exception:

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

The nested exception contains the error message:

The remote certificate is invalid according to the validation procedure.

This is correct since we are using a temporary certificate.

My question is: how can I tell the .Net web service client (SoapHttpClientProtocol) to ignore these errors?

This question is related to .net web-services sharepoint

The answer is

Alternatively you can register a call back delegate which ignores the certification error:

...
ServicePointManager.ServerCertificateValidationCallback = MyCertHandler;
...

static bool MyCertHandler(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors error)
{
// Ignore errors
return true;
}

Like Jason S's answer:

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

I put this in my Main and look to my app.config and test if (ConfigurationManager.AppSettings["IgnoreSSLCertificates"] == "True") before calling that line of code.

To further expand on Simon Johnsons post - Ideally you want a solution that will simulate the conditions you will see in production and modifying your code won't do that and could be dangerous if you forget to take the code out before you deploy it.

You will need a self-signed certificate of some sort. If you're using IIS Express you will have one of these already, you'll just have to find it. Open Firefox or whatever browser you like and go to your dev website. You should be able to view the certificate information from the URL bar and depending on your browser you should be able to export the certificate to a file.

Next, open MMC.exe, and add the Certificate snap-in. Import your certificate file into the Trusted Root Certificate Authorities store and that's all you should need. It's important to make sure it goes into that store and not some other store like 'Personal'. If you're unfamiliar with MMC or certificates, there are numerous websites with information how to do this.

Now, your computer as a whole will implicitly trust any certificates that it has generated itself and you won't need to add code to handle this specially. When you move to production it will continue to work provided you have a proper valid certificate installed there. Don't do this on a production server - that would be bad and it won't work for any other clients other than those on the server itself.

I solved it this way:

Call the following just before calling your ssl webservice that cause that error:

using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

/// <summary>
/// solution for exception
/// System.Net.WebException: 
/// The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
/// </summary>
public static void BypassCertificateError()
{
    ServicePointManager.ServerCertificateValidationCallback +=

        delegate(
            Object sender1,
            X509Certificate certificate,
            X509Chain chain,
            SslPolicyErrors sslPolicyErrors)
        {
            return true;
        };
}

I was having same error using DownloadString; and was able to make it works as below with suggestions on this page

System.Net.WebClient client = new System.Net.WebClient();            
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
string sHttpResonse = client.DownloadString(sUrl);

Alternatively you can register a call back delegate which ignores the certification error:

...
ServicePointManager.ServerCertificateValidationCallback = MyCertHandler;
...

static bool MyCertHandler(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors error)
{
// Ignore errors
return true;
}

For newbies, you can extend your partial service class in a separate cs file and add the code the code provided by "imanabidi" to get it integrated

ServicePointManager.ServerCertificateValidationCallback +=
            (mender, certificate, chain, sslPolicyErrors) => true;

will bypass invaild ssl . Write it to your web service constructor.

Source: Stackoverflow.com

Examples related to .net

You must add a reference to assembly 'netstandard, Version=2.0.0.0 How to use Bootstrap 4 in ASP.NET Core No authenticationScheme was specified, and there was no DefaultChallengeScheme found with default authentification and custom authorization .net Core 2.0 - Package was restored using .NetFramework 4.6.1 instead of target framework .netCore 2.0. The package may not be fully compatible Update .NET web service to use TLS 1.2 EF Core add-migration Build Failed What is the difference between .NET Core and .NET Standard Class Library project types? Visual Studio 2017 - Could not load file or assembly 'System.Runtime, Version=4.1.0.0' or one of its dependencies Nuget connection attempt failed "Unable to load the service index for source" Token based authentication in Web API without any user interface

Examples related to web-services

How do I POST XML data to a webservice with Postman? How to send json data in POST request using C# org.springframework.web.client.HttpClientErrorException: 400 Bad Request How to call a REST web service API from JavaScript? The request was rejected because no multipart boundary was found in springboot Generating Request/Response XML from a WSDL How to send a POST request using volley with string body? How to send post request to the below post method using postman rest client How to pass a JSON array as a parameter in URL Postman Chrome: What is the difference between form-data, x-www-form-urlencoded and raw

Examples related to sharepoint

SharePoint 2013 get current user using JavaScript "Object doesn't support this property or method" error in IE11 How to open SharePoint files in Chrome/Firefox Powershell Error "The term 'Get-SPWeb' is not recognized as the name of a cmdlet, function..." Error :The remote server returned an error: (401) Unauthorized Best way to resolve file path too long exception Could not load file or assembly '' or one of its dependencies Reasons for a 409/Conflict HTTP error when uploading a file to sharepoint using a .NET WebRequest? CAML query with nested ANDs and ORs for multiple fields How to pass credentials to httpwebrequest for accessing SharePoint Library

Tags

Infoview Html-parsing Ddos Xmpp Ps3 Proj4js Aol Getlatest .net-micro-framework Mms-gateway Ax Update-attribute Stringbyevaluatingjavascr Linux-device-driver Tlistview Neko Zend-framework Editplus Uframe Recent-documents Akamai Carriage-return Project-web-access Appserver Settingslogic Nsuserdefaults Childactivity Was Cd-rom Mpfr Ellipse Django-unittest Concatenative-language Finite-element-analysis Hoverintent Predicatebuilder Flymake Showuserlocation Wcf-routing Jflex Navigator Yahoo-weather-api Python-nose Erp Acid3 Resizegrip Avvideocomposition Sunos Webchartcontrol Social-media Dynamic-memory-allocation Hittest Custom-routes Touchpad Interpreted-language Scrolledcomposite Forum Rpy2 Audioformat Jdk1.5 Gwt-rpc Rails-agnostic Tibco-ems Htmlbridge Xxtea Symfony-1.4 Twisted.client Msmq Png Cgimage Castle-dynamicproxy Antialiasing Clientbin Restlet-2.0 Nsbundle Qtconcurrent Gtk Msxsl Comexception Device-instance-id Remoteobject Jsonplugin Unit-of-work Jpl Web-mining Radio-button Terminal-server Regasm Named-scope Onvp8 Stagefright Curry Monitors Magit Sml Dialog Dataadapter Mainclass Uilocalnotification Autodie