Post JSON over HTTPS

Question

In the past I have successfully called a JSON webservice over HTTP But, now I have to make a JSON POST over HTTPS.

I have tried using the code that works for HTTP and simply changed the url that is being called to https but it won't work.

This is the code i am using...

WebRequest wrGETURL;
wrGETURL = WebRequest.Create("https://apitest.example.com/geo/coverage/v1/?appId=2644571&appKey=836621d715b6ce4db5f007d8fa2214f");
wrGETURL.Method = "POST";
Stream objStream;
objStream = wrGETURL.GetResponse().GetResponseStream();
StreamReader objReader = new StreamReader(objStream);
string responseFromServer = objReader.ReadToEnd();

and the error message i am seeing in fiddler is:

fiddler.network.https> Failed to secure existing connection for apitest.example.com. A call to SSPI failed, see inner exception. InnerException: System.ComponentModel.Win32Exception (0x80004005): The client and server cannot communicate, because they do not possess a common algorithm

Can anyone help me with that I need to do to make a call over HTTPS please?

Can you post your code and the errors you are getting please? — Padrus, Apr 19 '13 at 13:27
+1 from me. Seems like a genuine question. Now, isn't it because it is expecting PUT (as you mentioned in the question) and actually you are passing a POST method? — Ademar, Apr 19 '13 at 14:32
@Ademar apologies - that's a typo. it should be POST and not PUT — Trevor Daniel, Apr 19 '13 at 14:37
In this case, have you tried to do your request like this one here: http://stackoverflow.com/questions/9145667/how-to-post-json-to-the-server-using-c/10027534#10027534 — Ademar, Apr 19 '13 at 15:52

score 1 · Answer 1 · answered Aug 06 '13 at 03:09

Do you need to authenticate or maybe a callback for the server certificate? This works for me in most cases:

        var httpWebRequest = (HttpWebRequest)WebRequest.Create("https://someurl/");
        httpWebRequest.ContentType = "application/json";
        httpWebRequest.Method = "POST";

        // Create NetworkCredential Object 
        NetworkCredential admin_auth = new NetworkCredential("username", "password");

        // Set your HTTP credentials in your request header
        httpWebRequest.Credentials = admin_auth;

        // callback for handling server certificates
        ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

        using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
        {
            string json = "{\"name\":\"TEST_123\"}";
            streamWriter.Write(json); 
            streamWriter.Flush();
            streamWriter.Close();
            var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
            using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
            {
                var result = streamReader.ReadToEnd();
                Console.WriteLine(result);
            }
       }

Not to mention that it would be appropriate to do some kind of certificate validation just to ensure we are connecting to the server we think we are. Otherwise that code will also accept any certificate, allowing a MITM attack :P — vtortola, Mar 21 '14 at 14:04

score 0 · Answer 2 · answered May 02 '22 at 00:17

I am using React and Expressjs and ran into this issue. Send your ie: https://www.google.com with out the https:

part of my router.js

    router('/vod')
    .rout.get('/vod', (req,res)=>{
    res.send({message: "//www.google.com"});

App.js

    function App() {
    const [vod, setVod] = React.useState(null);
    
    React.useEffect(() => {
            fetch("/vod")
                .then((res) => res.json())
                .then((vod) => setVod(vod.message));
        },
        []);

    return (

        <div className="App">
            <header className="App-header">
                <iframe src={"https:"+vod} 
   id="myIframe" autoPlay width={1000} height= 
   {500} frame></iframe>
            </header>
        </div>

    );

in the iframe to change the source I used {"https:"+vod} to simulate the full url.

in your case try to combine your "result" like ("https:"+result)

I noticed that json grabs the : and messes the string up.

Post JSON over HTTPS

2 Answers2