Webapi http call results in SSL exception

Question

I am using a library called Refit to access a RESTful service

public interface IApiClient
{
    [Get("/{Id}/shifttimes")]
    Task<ShiftTimesResponse> GetShiftTimes(int id);
}

And I'm initializing the interface in DI:

builder.Register(ctx =>
        {
            var baseUri = new Uri(config.ApiUri);
            var client = RestService.For<IApiClient>(baseUri.OriginalString);
            return client;

        }).As<IApiClient>().InstancePerTenant();

Which is then used in myHandler:

public class ShiftTimesHandler
{
    private readonly IApiClient _apiClient;

    public ShiftTimesHandler(
            IApiClient apiClient)
    {
       _apiClient= apiClient;
    }

    public async Task Execute(Message message)
    {
       **Error on this line**
        var shiftTimesResponse = await _apiClient.GetShiftTimes(message.Id); 

        //Do something
    }
}

The exception is:

The SSL connection could not be established, see inner exception.

The inner exception is:

The remote certificate is invalid according to the validation procedure.: AuthenticationException

Is the server's SSL certificate valid, and is the requesting machine's date/time correct? — ProgrammingLlama, Feb 21 '19 at 09:19
When I run this code locally it works. When running in AWS Lambda it throws this error — Aman B, Feb 21 '19 at 09:27
Is the SSL certificate of the server you're accessing a proper one, or a self-sign? — ProgrammingLlama, Feb 21 '19 at 09:28
I'm calling the test version of the api. It might be self signed. not sure how can I check? — Aman B, Feb 21 '19 at 09:30
Access it with your browser, check the certificate and signing chain. — ProgrammingLlama, Feb 21 '19 at 10:49
You can use [this](https://stackoverflow.com/questions/2675133/c-sharp-ignore-certificate-errors) to byass SSL checks. **Do not use it in production code** because it accepts _all certificates_ as valid, regardless of if they are or not. — ProgrammingLlama, Feb 21 '19 at 11:05
@John thanks for pointing me in the right direction. Had to do it slightly different for .netcore as `ServicePointManager` target .net framework — Aman B, Feb 22 '19 at 08:50

score 1 · Answer 1 · answered Feb 22 '19 at 08:54

Below worked for me. However, it is shouldn't be done in Production environment:

            var httpClientHandler = new HttpClientHandler
            {
                ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
            };

            var httpClient = new HttpClient(httpClientHandler)
            {
                BaseAddress = new Uri(config.ApiUri);
            };

            return RestService.For<IHoursApiClient>(httpClient);

Webapi http call results in SSL exception

1 Answers1