.NET Core Refit HTTPS errors

Question

I have the below code, which uses Refit to make an HTTPS call. It works from a console application targeting the .NET framework 4.6.1.

When I run the exact same code from a console application targeting .NET Core 2.1 I get an error:

The SSL connection could not be established... An unknown error occurred while processing the certificate

I'm using Refit version 4.5.6

System.Net.ServicePointManager.SecurityProtocol =
    SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

var baseAddress = new Uri(BaseHttpsAddress);
var httpClientHandler = new HttpClientHandler
{
    ClientCertificateOptions = ClientCertificateOption.Automatic
};

var httpClient = new HttpClient(httpClientHandler) { BaseAddress = baseAddress, Timeout = _requestTimeout };

var service = RestService.For<IMyService>(httpClient);

var result = await service.GetUsers();

In fact when targeting .NET Core 2.1 all my HTTPS calls fail, but my HTTP calls work fine.

Is there some configuration or something to get HTTPS calls working in a .NET Core 2.1 application using Refit?

Answer 1

I am trying to accept all server certificates as valid by the below code.. However in real-time, you add the logic to validate the server certificate.

System.Net.ServicePointManager.SecurityProtocol =
            SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

....
 ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; 
...
// your https call goes here
....

Answer 2

You need to tell the ServicePointManager to accept the connections using TLS (appropriate version) protocol. Try Default SecurityProtocol in .NET 4.5. This one is for .NET 4.5. However the same is applicable for .NET Core.

Answer 3

Regular .NET automatically checks the Windows certificates installed and .NET Core doesn't.

So with .NET Core I needed to manually add the certificate and it worked.