I am quite new to REST services, and I am trying to call a REST service from a colleague, secured only by Username and Password.
Using Postman everything is fine, I have a GET to the URL, I select "Basic Auth", set Username and Password and get the expected result.
Now I tried it via code: Calls to other websevices per code without user/pw work just fine, but here I just get an Exception:
public async Task<List<string>> MinimalProblemShowcase()
{
string authenticationString = $"{clientId}:{clientSecret}"; // no typo, values are copy/pasted
string base64EncodedAuthenticationString = Convert.ToBase64String(Encoding.UTF8.GetBytes(authenticationString));
_client.DefaultRequestHeaders.Add("Authorization", "Basic " + base64EncodedAuthenticationString);
try
{
var httpResponse = _client.GetAsync(Url).Result;
// ToDo: evaluate httpResponse - but we don't get here...
}
catch (Exception ex)
{
// ...instead we drop here:
// System.Net.Http.HttpRequestException:
// The SSL connection could not be established, see inner exception.
// --->System.Security.Authentication.AuthenticationException:
// The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
}
return [];
}
As indicated, I get
System.Net.Http.HttpRequestException:
The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException:
The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
I am not aware of using certificates explicitely, but if so, it's on the same machine...
I suspect, it is just a minor detail I am missing, but what...? Thank you for any hint or help!
You could ignore the certificate untrusted issue by configure the httpclient
var httpClientHandler = new HttpClientHandler();
httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, sslPolicyErrors) =>{return true;};
builder.Services.AddScoped<HttpClient>(sp => new HttpClient(httpClientHandler));
Or you could do some validation with that certificate you are using.
httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, sslPolicyErrors) => {
if (cert.GetCertHashString() == "A7E2BA992F4F2BE220559B8A5371F05A00A6E750") //FingerPrint of the certificate
{
return true;
}
return false;
};
A standard way to solve this is you need to check if the Certificate Authority chains certs has been installed to windows. If they got correctly installed, you will needn't above settings. It should be valid when you run with visual studio.