3

All -

I'm using C#'s WebClient class to gain access to a resource on a remote server via https. The resource I am interested in is a file on the remote server. I'm using the following call to gain access to the file:

WebClient client = new WebClient();
client.DownloadData("https://someuri/file.txt");

When calling the above code I get the an System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. I have manually visted the site via IE and added the cert. as a trusted issuer and can browse to the resource without an issue in IE. Does C# not use the standard windows certificate store ? or do I have to write my own CertificatePolicy?. I'd really like to use the built in authentication algorithms.

Thanks in advance.

Chris Johnson
  • 2,631
  • 2
  • 18
  • 17
  • I fear this is not really an answer, but it may help you a bit. See the accepted answer here: http://stackoverflow.com/questions/1301127/how-to-ignore-a-certificate-error-with-c-2-0-webclient-without-the-certificate – Tom Chantler Nov 22 '10 at 15:08
  • Thanks for the input, not exactly an answer. Yes I could extend ICertificatePolicy and have the CheckValidationResult always return true, but I'd rather be able to load the trusted certs into windows and have the lower level C# methods operate off them. Always returning true is not a solution. – Chris Johnson Nov 22 '10 at 15:27
  • In IE, did you just accept the certificate when you first browsed to it, or did you actually go through the process of adding it to your certificate store? – Spencer Hakim Nov 22 '10 at 15:50
  • yes, I actually added it to my Trusted Root Certification Authorities. After that point all new visits to the uri from IE work without warning. – Chris Johnson Nov 22 '10 at 15:56
  • My certificate is in the Trusted Root Certificates but when I browse to the url in IE i still get to accept the certificate, what am I doing wrong? – VinnyG Feb 04 '11 at 20:24

2 Answers2

1

In order to get this working properly you one can't just accept the the end certificate in the browser. You must use the cmd: mmc console to load certificates into the Machines trust store rather then just the users trust store.

Chris Johnson
  • 2,631
  • 2
  • 18
  • 17
0

Are you running this code through ASP.Net? If so, you may have to install the cert for the Local Computer, as the cert you installed for your login cant be used by ASP.net

user144133
  • 435
  • 1
  • 4
  • 9