runtime: The handler does not support client authentication certificates with this combination of libcurl (7.54.0) and its SSL backend ("LibreSSL/2.0.20")

I’m having an issue when calling an endpoint with the following code, and I don’t know what can solve that critical issue on mac:

var handler = new HttpClientHandler();
handler.ClientCertificates.Add(cert);
var client = new HttpClient(handler);
var result = await client.GetAsync(url);

The error is below:

System.PlatformNotSupportedException: The handler does not support client authentication certificates with this combination of libcurl (7.54.0) and its SSL backend ("LibreSSL/2.0.20").
   at System.Net.Http.CurlHandler.SslProvider.SetSslOptions(EasyRequest easy, ClientCertificateOption clientCertOption)
   at System.Net.Http.CurlHandler.EasyRequest.InitializeCurl()
   at System.Net.Http.CurlHandler.MultiAgent.ActivateNewRequest(EasyRequest easy)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at System.Net.Http.HttpClient.<FinishSendAsyncBuffered>d__58.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()

curl --version

curl 7.54.0 (x86_64-apple-darwin17.0) libcurl/7.54.0 LibreSSL/2.0.20 zlib/1.2.11 nghttp2/1.24.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets HTTPS-proxy

dotnet info

.NET Command Line Tools (2.1.4)

Product Information:
 Version:            2.1.4
 Commit SHA-1 hash:  5e8add2190

Runtime Environment:
 OS Name:     Mac OS X
 OS Version:  10.13
 OS Platform: Darwin
 RID:         osx.10.12-x64
 Base Path:   /usr/local/share/dotnet/sdk/2.1.4/

Microsoft .NET Core Shared Framework Host

  Version  : 2.0.5
  Build    : 17373eb129b3b05aa18ece963f8795d65ef8ea54

About this issue

Original URL
State: closed
Created 6 years ago
Reactions: 4
Comments: 27 (14 by maintainers)

Commits related to this issue

Project file changes to make Cohesity PowerShell Module work with PS 6.0 on Mac OS. - Removed netstandard2.0 from target frameworks. We will have two packages. Cohesity.PowerShell and Cohesity.PowerS... — committed to cohesity/cohesity-powershell-module by sagnihotri-cohesity 6 years ago

Most upvoted comments

@karelz the code is:

var handler = new HttpClientHandler();

handler.ServerCertificateCustomValidationCallback = System.Net.Http.HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
handler.ClientCertificates.Add(cert);

var client = new HttpClient(handler);
var result = await client.GetAsync(url);

is that correct?

mayconbeserra on Feb 11, 2018

@mayconbeserra I suspect you’re not getting libcurl 7.58 on your loader path. I’m able to get it with e.g. DYLD_LIBRARY_PATH=/usr/local/opt/curl/lib dotnet run.

That doesn’t fix the issue, though:

Unhandled Exception: System.PlatformNotSupportedException: The handler does not support client authentication certificates with this combination of libcurl (7.58.0) and its SSL backend ("OpenSSL/1.0.2n").

jrr on Feb 9, 2018