runtime: Unable to ignore SSL certificate validation, request in curl works fine

I am getting the exception bellow when calling a specific HTTPS url, it works for others and same url works fine with curl and other clients.

Our system setup:

OS: Ubuntu 16.04 amd64 Dotnet Core Version: 3.1.100

Curl in same server for same exact URL returns fine. Note that the callback and the exception triggers after around 100 seconds, like a client timeout it seems

I am aware of the possible solution by signing the certificate again (#30242) but I don’t have control over this. Plus it doesn’t explain why curl accepts the certificate and I wonder if there is a way to complete avoid the check of the certificate, which seems like the callaback returning true should but is not working

I also tried the DangerousAcceptAnyServerCertificateValidator in the callback but no difference.

    $ dotnet run
    4/11/2020 2:05:55 PM Calling URL: https://URL
    4/11/2020 2:07:37 PM Validating Cert
    Unhandled exception. System.Threading.Tasks.TaskCanceledException: The operation was canceled.
        at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
        at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)
        at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
        at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
        at testapp.Program.Main(String[] args) in /home/kepex/project/Program.cs:line 23
        at testapp.Program.<Main>(String[] args)    

    using System;
    using System.Threading.Tasks;
    using System.Net.Http;

    namespace testapp
    {
        class Program
        {
            static async Task Main(string[] args)
            {
                var url = "https://URL";
                var handler = new HttpClientHandler()
                {
                    ServerCertificateCustomValidationCallback = (message, cert, chain, sslPolicyErrors) => {  Console.WriteLine(DateTime.Now.ToString() + " Validating Cert"); return true; }
                };
                var client = new HttpClient(handler);
                Console.WriteLine(DateTime.Now.ToString() + " Calling URL: " + url);
                var res = await client.GetAsync(url);
                Console.WriteLine(DateTime.Now.ToString() +" Response Status Code:" + res.StatusCode);
            }
        }
    }

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 20 (13 by maintainers)

Most upvoted comments

ok @rdasan. It is unlikely we will be able to figure out root cause without some more info. I don’t know if @kEpEx has any more updates but I think his issue is different even if the outcome looks similar.

+1
wfurt on Jun 19, 2020
Read more comments on GitHub
← runtime: Unable to hijack thread in empty while (true) loop
runtime: Unable to install dotnet-sdk on Ubuntu 17.10 →