1

I am building a winforms app, that consume a rest API, this API has a security with certificate .crt that I integrate in my code : 

X509Certificate2 cert = new X509Certificate2(PathCert);
connection.ClientCertificates.Add(cert);
connection.PreAuthenticate = true;

try
{
    HttpWebResponse response = (HttpWebResponse)connection.GetResponse();
    StreamReader sr = new StreamReader(response.GetResponseStream(), Encoding.UTF8);
    body = sr.ReadToEnd();
}
catch (WebException webex)
{
    log(webex.Message)
}
catch (Exception e)
{
    log(e.Message)
}

In my environment this app is working, when I publish the app in preproduction server, it shows me an error:

System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

then, I installed the postman app, and I ran my rest API with postman with the certificate, the response was successful, I tried with the temporary solution recommended in this post https://stackoverflow.com/a/1386568/5586581 and it worked, but it isn't a solid solution for me. Any suggestions ?

Martin Chinome
  • 431
  • 5
  • 17
  • 1
    Use a valid cert. The whole cert chain needs to be valid and for the correct domain and purpose. The delegate from the workaround contains arguments that you can use to see why it is not valid. Put a breakpoint in there and take a look. Viewing the cert in the mmc snap in can also tell you why it isn't valid. – George Helyar Nov 29 '18 at 21:24
  • BTW, your client certificate is unusable as client certificate, because it doesn't contain private key. – Crypt32 Nov 29 '18 at 21:42

0 Answers0