gogginl
The remote certificate is invalid according to the validation procedure for basic HTTPRequest to ...
May 08, 2012 02:07 PM
I have a simple ASPX page that is used to get an HTTP response from another web site and parse the data. I assign the web link to a string and use the HttpWebRequest and HttpWebResponse. See the sample code below.
The problem I have is that the remote site is SSL (https) and has a certificate. I am running on Windows Server and have used the MMC to install the certificate and copy it to the Local Computer store on my ASPX web server. Now when I run IE with a direct URL to the remote site it works without a certificate popup, BUT my VB code in the aspx file still encounters the error "The remote certificate is invalid according to the validation procedure". This should be working, but it seems that ASPX does not know how to find my local computer or user certificates so that it is found and this error is satisfied. I also rebooted the ASP IIS web server and the problem persists. Can someone shed some light on this?
e.g.
Imports System.IO
Imports System.Net

' (The enclosing class declaration was not included in the post.)
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim strURL As String
        Dim strResult As String
        Dim wbrq As HttpWebRequest
        Dim wbrs As HttpWebResponse
        ' Set the URL (and query values)
        strURL = "https://167.13.9.115"
        ' Create the web request
        wbrq = CType(WebRequest.Create(strURL), HttpWebRequest)
        wbrq.Method = "GET"
        ' Read the returned data; Using disposes the reader even if ReadToEnd throws
        wbrs = CType(wbrq.GetResponse(), HttpWebResponse)
        Using sr As New StreamReader(wbrs.GetResponseStream())
            strResult = sr.ReadToEnd().Trim()
        End Using
        wbrs.Close()
        ' Write the returned data out to the page
        TextBox1.Text = strResult
    End Sub
End Class
RESOLVED by editing the web.config file and adding this section to the system.net area:
    <settings>
      <servicePointManager
        checkCertificateName="false"
        checkCertificateRevocationList="false"
      />
    </settings>
gogginl
May 11, 2012 06:27 PM
I resolved this by adding the below code to web.config:
    <system.net>
      <settings>
        <servicePointManager
          checkCertificateName="false"
          checkCertificateRevocationList="false" />
      </settings>
    </system.net>
Catherine Sh...
Microsoft
May 18, 2012 09:04 AM
Hi,
I'm glad to hear that you resolved this issue.
Thank you for sharing your solutions and experience here. It will be very beneficial for other community members who have similar questions. If you have any difficulty in future programming, we welcome you to post in forums again.
Best wishes,
immujji
Oct 11, 2012 10:42 PM
I tried this but still no progress....
It gives me this error.
The remote server returned an error: (530) Not logged in.
Please let me know.
Thanks,
Mujeeb.
gogginl
Oct 19, 2012 07:35 PM
You have to make sure the browser itself has the certificate installed. There are many web hits on doing this.
The web.config statements are only needed if you are doing this in code-behind.
Shawn Eary
Nov 21, 2012 03:12 AM
gogginl:
I could be mistaken, but it's probably not a good idea to set checkCertificateName and checkCertificateRevocationList to False. I'm not 100% sure, but I think setting those properties to false *might* open your customers up to hijacking attacks. If your VB.NET code doesn't check the certificateName of the remote site, then I think someone else could come along and perform some sort of Man-In-The-Middle poisoning to redirect your WebApp to their site instead of the site you really want to go to. When this happens, I don't think your customers would know what hit them.
I'm not sure, but what might be going on is that the strURL variable you are using to construct your WebRequest does not exactly match the URL you are using when you visit the remote site manually. If that is all it is, you can probably just modify your code to ensure strURL is using the exact address that you use when you manually visit the site. Sometimes, the domain names in the certificates can be slightly different than what you might expect. This might be especially true if you happen to have shortcut aliases for the main website. Your certificate might be for the Fully Qualified Domain Name but the URL you are visiting in your code might be for an abbreviated Domain Name. For example, jpsanders (awesome) of Microsoft said:
"But I still got the certificate error… To avoid a long discussion about this, the problem is simple. I typed in https://jsanders4 but note the certificate is for the full domain name of this machine. If I instead browse to https://jsanders4.northamerica.corp.microsoft.com then I get no certificate error. "
http://blogs.msdn.com/b/jpsanders/archive/2009/09/16/troubleshooting-asp-net-the-remote-certificate-is-invalid-according-to-the-validation-procedure.aspx
Mr. Sanders's blog post illustrates an example of just how picky certificates can be for SSL encryption. This is a feature. Embrace it. If you go through the techniques mentioned in Mr. Sanders's blog, I'm pretty sure you can resolve this issue without lowering the security of your website.
Now, I think I will go back to thinking about something that really matters like Video Games ...
Best,
Shawn
Microsoft Certified Technology Specialist
(Web Applications Development with Microsoft .NET Framework 4)
NOTE: I welcome comments to correct me when I am wrong so I may continue to learn more and someday achieve MCPD.
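
One way to find out which check is failing (name mismatch, as in the last reply, or a chain or revocation problem) without switching the checks off. This is an added example, not code from the thread; the module and member names are hypothetical, and the inputs in Main are constructed so it runs offline.

```vb
Imports System
Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography.X509Certificates
Imports System.Text

' Added example (hypothetical module and member names): report why TLS
' validation failed while still rejecting every certificate that fails it.
Public Module CertDiagnostics

    ' Builds a readable report from the values .NET hands to the callback.
    Public Function Describe(ByVal cert As X509Certificate, _
                             ByVal chain As X509Chain, _
                             ByVal errors As SslPolicyErrors) As String
        Dim sb As New StringBuilder("SslPolicyErrors: " & errors.ToString())
        If cert IsNot Nothing Then sb.Append("; subject: " & cert.Subject)
        If (errors And SslPolicyErrors.RemoteCertificateNameMismatch) <> SslPolicyErrors.None Then
            sb.Append("; the host in the URL is not a name on the certificate")
        End If
        If chain IsNot Nothing Then
            ' Chain problems: untrusted root, expired, revocation unknown, ...
            For Each st As X509ChainStatus In chain.ChainStatus
                sb.Append("; chain: " & st.Status.ToString())
            Next
        End If
        Return sb.ToString()
    End Function

    ' Same decision as the default policy: accept only when nothing is wrong.
    Public Function Validate(ByVal sender As Object, ByVal cert As X509Certificate, _
                             ByVal chain As X509Chain, _
                             ByVal errors As SslPolicyErrors) As Boolean
        If errors <> SslPolicyErrors.None Then
            System.Diagnostics.Trace.WriteLine(Describe(cert, chain, errors))
        End If
        Return errors = SslPolicyErrors.None
    End Function

    ' Call once, e.g. from Application_Start; the setting is AppDomain-wide.
    Public Sub Register()
        ServicePointManager.ServerCertificateValidationCallback = AddressOf Validate
    End Sub

    ' Offline demonstration with constructed inputs (no certificate object).
    Public Sub Main()
        Console.WriteLine(Describe(Nothing, Nothing, SslPolicyErrors.RemoteCertificateNameMismatch))
    End Sub
End Module
```

With the callback registered and the web.config overrides removed, the trace output names the failing check, so the fix can be made at its source (the URL's host name, the trusted root store, or CRL reachability).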