0

I am building an API that calls upon another API for further processing. I have both APIs running locally but when I call the second API from the first API I get the following error:

Exception has occurred: CLR/System.AggregateException An exception of type 'System.AggregateException' occurred in System.Private.CoreLib.dll but was not handled in user code: 'One or more errors occurred.' Inner exceptions found, see $exception in variables window for more details. Innermost exception System.Security.Authentication.AuthenticationException : The remote certificate is invalid according to the validation procedure. at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest) at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslStream.ThrowIfExceptional() at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult) at System.Net.Security.SslStream.<>c.b__65_1(IAsyncResult iar) at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization) at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.ConfiguredTaskAwaitable.ConfiguredTaskAwaiter.GetResult() at System.Net.Http.ConnectHelper.d__4.MoveNext()

The code from the first API is:

public IActionResult Validate([FromBody] Website data)
    {
        HttpClient client = new HttpClient();
        client.BaseAddress = new Uri("https://localhost:5003/");
        client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

        var response = client.PostAsJsonAsync("Routing", data).Result; //error occurs here

        return Ok();
    }

Yes, I know that I'm not actually processing the result and just returning an OK response but right now, I'm just trying to get them connecting successfully before expanding the code.

I've never done anything with certificates before so any help here would be greatly appreciated

Andrew Sampson
  • 11
  • 3
  • 1
    1) Is the route certificate authority registered on the client machine? 2) Is the site's certificate signed by that root CA? 3) Is your machine's date/time up to date? 4) Has the certificate expired? 5) Is the domain correct in the certificate. A quick "sniff" test might be to access the site in Internet Explorer or Edge on the client, since this will use your machine's certificate store and will tell you if your computer recognises the certificate as valid. – ProgrammingLlama May 20 '20 at 08:04
  • See here https://stackoverflow.com/questions/2675133/c-sharp-ignore-certificate-errors – Doan Thai May 20 '20 at 08:06
  • @Doan Are you sure just accepting any and all SSL certificates as valid without checking them is the right way to go? If that's the case, why not just use HTTP rather than HTTPS? It's better to register the development certificate on your machine than to risk leaving this in in production code. – ProgrammingLlama May 20 '20 at 09:00
  • Are both applications using the same port number? Try calling the 2nd API without opening a request on first application. I suspect there is a conflict that both apps are making the same connection and server is not allowing two connections from same client with same port number. – jdweng May 20 '20 at 09:46
  • 1
    @John I think that is one way to work, but it isn't best case. I usually set up SSL on development environment to resolve that problem. – Doan Thai May 20 '20 at 14:48

0 Answers0