Making POST request fails due to invalid or wrong certificate
I am trying to make a POST request in an UWP C# app, based on this example - Method A. The code for my example is:
string scriptname = "myscript.php";
var content = new FormUrlEncodedContent(values);
//Exception Line (103):
var response = await client.PostAsync("https://myserver.ddns.net/" + scriptname, content);
var responseString = await response.Content.ReadAsStringAsync();
string SJson = responseString.ToString();
messagedialog.Content = SJson;
Exception log:
System.Net.Http.HttpRequestException
HResult=0x80072F0D
Message=An error occurred while sending the request.
Source=System.Net.Http
StackTrace: at System.Net.Http.HttpClientHandler.d__86.MoveNext() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Net.Http.HttpClient.d__58.MoveNext() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter1.GetResult() at Aplikacija_iFE.MainPage.d__10.MoveNext() in D:\Onedrive\myproject\myproject\App\App\MainPage.xaml.cs:line 103
Inner Exception 1: COMException: The text associated with this error code could not be found.
Overitelj digitalnih potrdil ni veljaven ali pa je napačen
The bold string is in my native language and tells me that the CA is invalid or wrong (Basically it is ,because I signed it myself). Can this error be fixed temporarily with some C# code or must I replace the certificate?
My HTTPS (Apache) server is on a Debian 9 machine.
Edit (10:20 PM): Working code
The following code works for now, but it is ugly, highly insecure, and just a shane for me as a student who's new to programming :|
string scriptname = "MyRestAPI.php";
HttpFormUrlEncodedContent content = new HttpFormUrlEncodedContent(values);
HttpResponseMessage response = new HttpResponseMessage();
try
{
client = new HttpClient();
response = await client.PostAsync(new Uri("https://myserver.ddns.net/" + scriptname), content);
}
catch (Exception e)
{
HttpBaseProtocolFilter filter = new HttpBaseProtocolFilter();
ChainValidationResult[] results = new ChainValidationResult []
{
ChainValidationResult.Untrusted, ChainValidationResult.WrongUsage,
ChainValidationResult.BasicConstraintsError, ChainValidationResult.Expired,
ChainValidationResult.IncompleteChain, ChainValidationResult.InvalidCertificateAuthorityPolicy,
ChainValidationResult.InvalidName, ChainValidationResult.OtherErrors,
ChainValidationResult.RevocationFailure, ChainValidationResult.RevocationInformationMissing,
ChainValidationResult.Revoked, ChainValidationResult.UnknownCriticalExtension
};
for(int i=0;i<results.Length;i++)
{
try
{
filter.IgnorableServerCertificateErrors.Add(results[i]);
client = new HttpClient(filter);
response = await client.PostAsync(new Uri("https://myserver.ddns.net/" + scriptname), content);
}
catch
{
continue;
}
}
client = new HttpClient(filter);
response = await client.PostAsync(new Uri("https://myserver.ddns.net/" + scriptname), content);
}
finally
{
client.Dispose();
}
messagedialog.Content = response.Content.ToString();
S4NNY11 Answer
You can wither use a config to ignore this error in development environment or make your client to trust the certificate, i.e just add the certificate to your trusted root on your client.
ShettyUser contributions licensed under CC BY-SA 3.0