0

I make a POST HTTPWebRequest to an URL to download a file. The problem is request fails with message authentication failed. But the same request made via POSTMAN app works fine. Error I receive is : The remote server returned an error: (401) Unauthorized. Protocol Error.

The fiddler capture of requests between the two shows that POSTMAN has few additional ciphers, ec_point_formats, elliptic_curves, signature_algs. Not sure if that matters but in the interest of keeping this post short I am not giving the actual differences but can provided if asked for.

Sample code I use:

// create a request 
HttpWebRequest request; = (HttpWebRequest)WebRequest.Create(inputUri);

SetProxy(inputProxyUri, inputProxyUser, inputProxyPassword, request);

request.ProtocolVersion = HttpVersion.Version11;

//Set authorization 
string authorisation = string.Format("{0}:{1}", user, pass);
string encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(authorisation));
string header = string.Format("{0} {1}", "Basic", encoded);
request.Headers[HttpRequestHeader.Authorization] = header;

request.KeepAlive = false;
request.Method = "POST";

byte[] postBytes = Encoding.ASCII.GetBytes(requestParams);
request.ContentLength = postBytes.Length;
Stream requestStream = request.GetRequestStream();
requestStream.Write(postBytes, 0, postBytes.Length);
requestStream.Close();

//Get response stream
System.IO.Stream responseStream = ((HttpWebResponse)request.GetResponse()).GetResponseStream();

I have played with request object mentioned below :

request.ProtocolVersion = HttpVersion.Version11;
   request.AuthenticationLevel = System.Net.Security.AuthenticationLevel.MutualAuthRequired;

   request.UseDefaultCredentials = true;
   request.PreAuthenticate = true;
   request.Credentials = CredentialCache.DefaultCredentials;

   request.Accept = "*/*";

Also changed registry to enable TLS 1.2, enable TLS-1.2 for client and server SCHANNEL communications as mentioned in https://www.derekseaman.com/2010/06/enable-tls-12-aes-256-and-sha-256-in.html without much luck.

Any help would be appreciated.

Vijay
  • 363
  • 11
  • 25
  • The post you linked is 8 years old. What is missing in this question, is the .Net Framework you are using. That is relevant. The target System(s), too. You should set your [ServicePointManager.SecurityProtocol](https://learn.microsoft.com/en-us/dotnet/api/system.net.servicepointmanager.securityprotocol) to `SecurityProtocolType.Tls12` and have a [ServicePointManager.ServerCertificateValidationCallback](https://learn.microsoft.com/en-us/dotnet/api/system.net.servicepointmanager.servercertificatevalidationcallback) that, at least, can return `true` (to accept all server certificates). – Jimi Oct 12 '18 at 06:48
  • For an example see here: [Which TLS version was negotiated?](https://stackoverflow.com/questions/48589590/which-tls-version-was-negotiated?answertab=active#tab-top) – Jimi Oct 12 '18 at 06:50
  • Thanks Jimi for coming back on this. Am using .Net 4.6.1 and TLS 1.2 negotiation. Will try your ServicePointManager.ServerCertificateValidationCallback. – Vijay Oct 12 '18 at 09:30

0 Answers0