I am trying to configure a TLS connection with an application running on a (local) virtual machine using C # HttpClient on Windows. However, each time this results in a RemoteCertificateNameMismatch error.
This piece of code:
HttpClientHandler handler = new HttpClientHandler(); handler.ServerCertificateCustomValidationCallback = (request, cert, chain, policyErrors) => { Console.WriteLine($"Policy Errors: {policyErrors}"); return policyErrors == SslPolicyErrors.None; }; HttpClient httpClient = new HttpClient(handler) { BaseAddress = new Uri("https://192.168.99.100/engine-rest") }; var result = httpClient.GetAsync("/engine").Result;
Results of this error:
Policy Errors: RemoteCertificateNameMismatch Unhandled Exception: System.AggregateException: One or more errors occurred. (An error occurred while sending the request.) ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpxception: A security error occurred at System.Net.Http.WinHttpRequestCallback.OnRequestSendingRequest(WinHttpRequestState state) at System.Net.Http.WinHttpRequestCallback.RequestCallback(IntPtr handle, WinHttpRequestState state, UInt32 internetStatus, IntPtr statusInformation, UInt32 statusInformationLength)
However, my certificate is valid according to Google Chrome and Mozilla Firefox, but not for Internet Explorer.
See screenshot from Chrome. The certificate seems to be valid. I created my own certificate authority certificate (self-signed certificate), then I used it to create the server certificate. I filled in the title of the topic. As an alternative topic name (SAN), I added an IP address.
Is the IP address field inside the SAN field not supported in IE and HttpClient? If so, is there another way to verify the server certificate using the IP address?
I am using dotnet core 2.0.
source share