Receive "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel." when using HttpWebRequest & HttpWebResponse objects
RSS
I am having an issue with some code that does a HttpWebRequest to get a response back from a URL. The code
does work... some times. Most of the time is gets the response back just fine. But on occasion I get the following error:
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation
procedure.
Any ideas?? I had read something about setting the HttpWebRequest's 'KeepAlive' property to False, which I did, but it has not permanently solved the problem.
Here is the code:
'Create an HttpWebRequest object setting the URL to post
Dim request
As HttpWebRequest =
CType(WebRequest.Create("https://www.test.com/ws/blahblahblah"), HttpWebRequest)
'Set the 'Method' property of the 'Webrequest' to 'POST'.
request.Method =
"POST"
'Create a new string with information to POST data to the Url.
Dim postData
As String =
"id=" & Trim(ID) &
"&sid=" & Trim(SID)
'Store data in a byte array using ASCII standard
Dim byte1
As Byte() = Encoding.ASCII.GetBytes(postData)
'Set the content type of the data being posted.
request.ContentType =
"application/x-www-form-urlencoded"
'Set the content length of the string being posted.
request.ContentLength = byte1.Length
'Setting KeepAlive = false results in sending a Connection: Close header to the server.
request.KeepAlive =
False
'Send the request;
'When using the POST method, you must get the request stream, write the data to be posted, and close the stream.
Dim newStream
As Stream = request.GetRequestStream()
newStream.Write(byte1, 0, byte1.Length)
newStream.Close()
'Get the HTTP response, casting to a type of HttpWebResponse
Dim response
As HttpWebResponse =
CType(request.GetResponse(), HttpWebResponse)
'Load the HTTP response into a StreamReader object
Dim sr
As New StreamReader(response.GetResponseStream, UTF8)
'Read the stream returned from the response object
Dim HTMLResponse
As String = Trim(sr.ReadToEnd())
'Based on the response, define the boolean variable dictating if the user is valid
If CStr(Replace(HTMLResponse, vbCrLf,
"")) = "Y"
Then
User =
True
Else
User =
False
End If
'Close the response object and StreamWriter (IMPORTANT)
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation
procedure.
Hi
It seems that site's certificate is rejected by the .NET framework's default CertificatePolicy. Here we can find some of best possible reasons why this happen, One workround is specify a custom certificate policy (less secure one) like this.
This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control
these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the
use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.
Best Regards
XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Thank you for the response, I will research both of the links. Do you have any idea though why it works some of the time and other times it does not with the code I currently have?
A possible cause is that the name in the HTTP request does not always exactly match the name for the server certificate, which results in the SSL challenge and response. To work-around this, you can implement Certificate Policy, and have it accept the certificate,
so particular client could connect to this server.
Best Regards
XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
atconway
All-Star
16444 Points
2708 Posts
Receive "The underlying connection was closed: Could not establish trust relationship for the SSL...
Oct 24, 2007 07:44 PM|LINK
I am having an issue with some code that does a HttpWebRequest to get a response back from a URL. The code does work... some times. Most of the time is gets the response back just fine. But on occasion I get the following error:
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Any ideas?? I had read something about setting the HttpWebRequest's 'KeepAlive' property to False, which I did, but it has not permanently solved the problem.
Here is the code:
'Create an HttpWebRequest object setting the URL to post Dim request As HttpWebRequest = CType(WebRequest.Create("https://www.test.com/ws/blahblahblah"), HttpWebRequest) 'Set the 'Method' property of the 'Webrequest' to 'POST'.request.Method =
"POST" 'Create a new string with information to POST data to the Url. Dim postData As String = "id=" & Trim(ID) & "&sid=" & Trim(SID) 'Store data in a byte array using ASCII standard Dim byte1 As Byte() = Encoding.ASCII.GetBytes(postData) 'Set the content type of the data being posted.request.ContentType =
"application/x-www-form-urlencoded" 'Set the content length of the string being posted.request.ContentLength = byte1.Length
'Setting KeepAlive = false results in sending a Connection: Close header to the server.request.KeepAlive =
False 'Send the request; 'When using the POST method, you must get the request stream, write the data to be posted, and close the stream. Dim newStream As Stream = request.GetRequestStream()newStream.Write(byte1, 0, byte1.Length)
newStream.Close()
'Get the HTTP response, casting to a type of HttpWebResponse Dim response As HttpWebResponse = CType(request.GetResponse(), HttpWebResponse) 'Load the HTTP response into a StreamReader object Dim sr As New StreamReader(response.GetResponseStream, UTF8) 'Read the stream returned from the response object Dim HTMLResponse As String = Trim(sr.ReadToEnd()) 'Based on the response, define the boolean variable dictating if the user is valid If CStr(Replace(HTMLResponse, vbCrLf, "")) = "Y" ThenUser =
True ElseUser =
False End If 'Close the response object and StreamWriter (IMPORTANT)response.Close()
sr.Close()
XiaoYong Dai...
All-Star
38312 Points
4229 Posts
Re: Receive "The underlying connection was closed: Could not establish trust relationship for the...
Oct 26, 2007 06:30 AM|LINK
Hi
It seems that site's certificate is rejected by the .NET framework's default CertificatePolicy. Here we can find some of best possible reasons why this happen, One workround is specify a custom certificate policy (less secure one) like this.
http://developers.de/blogs/damir_dobric/archive/2006/06/29/585.aspx
http://msdn2.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx
This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
atconway
All-Star
16444 Points
2708 Posts
Re: Receive "The underlying connection was closed: Could not establish trust relationship for the...
Oct 31, 2007 02:37 PM|LINK
Thank you for the response, I will research both of the links. Do you have any idea though why it works some of the time and other times it does not with the code I currently have?
XiaoYong Dai...
All-Star
38312 Points
4229 Posts
Re: Receive "The underlying connection was closed: Could not establish trust relationship for the...
Nov 01, 2007 02:36 AM|LINK
Hi
A possible cause is that the name in the HTTP request does not always exactly match the name for the server certificate, which results in the SSL challenge and response. To work-around this, you can implement Certificate Policy, and have it accept the certificate, so particular client could connect to this server.XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.