2

I am following this tutorial to make PEM certificates working between a NodeJS Server and a NodeJS Client.

My situation is similar, at server I have a NodeJS server, but, at client side, I have a C# Client application (.NET Framework 4.7.2).

Just for a test, at C# Client application we have:

bool pingSuccess = false;
using (var wb = new WebClient())
{
         string response = wb.UploadString(nodeJSURL, "POST", "{\"message\":\"ping\"}");
         if (response == "success") pingSuccess = true;
}
if (!pingSuccess) throw new HttpListenerException(503, "Il server NodeJS risulta non raggiungibile dall'indirizzo " + nodeJSURL);

But (obviously) I get this expected error:

Web Client Exception: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel

enter image description here

What I tried to do, is to try applying the procedure used by Anders Brownworth in his tutorial for its NodeJS Client adapting this code to C#:

var fs = require('fs'); 
var https = require('https'); 
var options = { 
    hostname: 'localhost', 
    port: 4433, 
    path: '/', 
    method: 'GET', 
    ca: fs.readFileSync('ca-crt.pem') 
}; 
var req = https.request(options, function(res) { 
    res.on('data', function(data) { 
        process.stdout.write(data); 
    }); 
}); 
req.end();

But I am quite new in C#, how can I rewrite this code to be equivalent and use it in C#?

In other words, what I need is for my C# client code to accept the certificates provided by my NodeJS server. I looked for other solutions, but I found them too complex, is there a lean and clean way to do it?

I tried a workaround, adding following line just before the HTTP request:

ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(delegate { return true; });

works, but this is not what I need, because I want to trust just only the certificates provided by my NodeJS server. However thanks to this workaround I was able to verify that the rest of the application is working properly.

Sidenote: I created my PEM certificates following the already abovementione tutorial but using Wind64 OPENSSL and it works perfectly n Windows 10.

shogitai
  • 1,823
  • 1
  • 23
  • 50
  • I noticed that [RemoteCertificateValidationCallback .NET method](https://learn.microsoft.com/it-it/dotnet/api/system.net.security.remotecertificatevalidationcallback?view=netframework-4.8) may help me to solve the problem, but I have not a clear idea how to use it, could someone help me? – shogitai Aug 01 '19 at 11:58
  • 1
    https://stackoverflow.com/questions/2066489/how-can-you-add-a-certificate-to-webclient-c – TheMikeInNYC Aug 01 '19 at 14:18

0 Answers0