HttpWebRequest and SSL

I had a problem recently with a custom SharePoint page attempting to perform a HTTPWebRequest on an SSL enabled site.  When taking a look at the event log it became clear that this was due to SSL certificate errors.

An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=CERTIFICATENAME\nIssuer Name: CN=CERTIFICATENAME\nThumbprint: 3B3059FD6EEB4C3116658947159A1966EB9C50BB\n\nErrors:\n\n SSL policy errors have been encountered.  Error code ‘0x2’..

I had a number of events like this in the event log and after a little digging it turns out that this is due to mismatched security between the user that installed the SSL certificate and the user requesting the certificate.  You can see these certificate warnings in IE if you attempt to access some HTTPS addresses and it is necessary to confirm that you wish to proceed.

In code it is possible to ignore certificate errors and always return true.  This may or may not be desirable but can be implemented as follows:

HttpWebRequest httpReq = (HttpWebRequest)HttpWebRequest.Create(strUrl); ServicePointManager.ServerCertificateValidationCallback += delegate { return true; }; HttpWebResponse httpRes = (HttpWebResponse)httpReq.GetResponse();

This solved a problem that I was facing but it should be noted that ServicePointManager is an application setting so it may be worthwhile setting this when the application first starts.

I found Rick Strahl’s page extremely valuable when looking into this issue, so do take a look there for further info:

This entry was posted in .Net, ASP.Net, C#, IIS, SharePoint, SharePoint 2010 and tagged , , , , . Bookmark the permalink.

One Response to HttpWebRequest and SSL

  1. Ibrahim says:

    This was a very useful tip. Thanks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s