0

Ive been doing some research about how to consume a web api executed on my localhost throught a xamarin app. The web api works perfect, I can adding and getting the data to/from my sql server using a web browser but if I try to connect xamarin to it Ive always received authentication error (Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED). Im basically doind this. I followed this post:

http://xamarininterviewquestion.blogspot.com/2019/06/ssl-certificate-and-public-key-pinning.html

So as it definitly didnt work, Id like to try another way;

Set TLSConfig DangerousAcceptAnyServerCertificateValidator to true. Because for know Im happy if Im able to test it.

Thats cool but as Im not a pro I have no idea about implement this;

var httpHandler = new HttpClientHandler();
// Return `true` to allow certificates that are untrusted/invalid
httpHandler.ServerCertificateCustomValidationCallback = 
    HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;

Ive got "DangerousAcceptAnyServerCertificateValidator" doesnt have a definition.

Thank you all in advance and sorry if Ive not been clear.

Raluido
  • 11
  • 2

3 Answers3

0

DangerousAcceptAnyServerCertificateValidator isn't applicable to Xamarin platforms, according to its documentation.

But literally you can write the same code like,

var handler = new HttpClientHandler();
handler.ServerCertificateCustomValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
HttpClient client = new HttpClient(handler);

https://stackoverflow.com/a/64741829/11182

Lex Li
  • 60,503
  • 9
  • 116
  • 147
  • Sorry Lex, I hadnt seen your replay. Ive just tried that and Ive got same 400 bad request. Shouldnt be so difficult, should be? – Raluido Sep 10 '21 at 10:54
  • @Raluido It should be difficult for beginners unfortunately to help you get familiar with all necessary topics. Getting 400 error response is a big step forward, as that indicates the TLS handshake finally succeeded after overriding certification validation. You cannot use `https://192.168.0.13:44311/api/Logins1` and that's 400 indicates. Try to use to `https://localhost:44311/api/Logins1` as `localhost` is what your web service monitors by default. – Lex Li Sep 10 '21 at 14:35
  • Yep, it is definitly hard, its gonna be time and patience. So I already tried with localhost but Ive got 'Network subsystem is down'. As I read somewhere someone change default web api options from localhost to their real ip on VS options but VS didnt let me do it. Also I use a software called sharProxy to addreess properly or something. Anyway man, Im happy to heard that at least it pass the validation. I really lost my patience but Im getting use to think, step by step by step......haha. So thank you buddy!!!! Let me know if you have other ideas :) – Raluido Sep 10 '21 at 15:30
  • Unless you hire a personal coach, step-by-step guides are rarely available for free. BTW, if you are running your Xamarin apps in an emulator, you might find my post useful, https://blog.lextudio.com/how-to-let-android-emulator-access-iis-express-f6530a02b1d3 – Lex Li Sep 10 '21 at 18:08
  • Yeahhhhhh man, you are the best!!!! I had heard about the problem that android emulator works in a different network but I hadnt found a solution that worked. Any tutorial had address me in the correct direction. Thank you so much. And yep, I studied one year programing but we just spend 3 weeks with c#. Now Im doind an online course but definitly would be better an academy. Take care buddy! – Raluido Sep 11 '21 at 10:33
0

if you are using Refit then you can do this

public HttpClient PreparedClient()
        {
            HttpClientHandler handler = new HttpClientHandler();
            handler.ServerCertificateCustomValidationCallback += (sender, cert, chain, sslPolicyErrors) => { return true; };
            HttpClient client = new HttpClient(handler) { BaseAddress = new Uri(EndpointConstants.BaseUrl) };
            return client;
        }

 private T RefitApi<T>() => RestService.For<T>(PreparedClient());

and if you need to specify settings you can do this

 private T RefitApiWithToken<T>() => RestService.For<T>(PreparedClient(), refitSettings);
Ronak Shetiya
  • 960
  • 6
  • 27
0

When using Refit for Xamarin forms

public HttpClient PreparedClient()
    {
        HttpClientHandler handler = new HttpClientHandler();
        handler.ServerCertificateCustomValidationCallback += (sender, cert, chain, sslPolicyErrors) => { return true; };
        HttpClient client = new HttpClient(handler) { BaseAddress = new Uri(EndpointConstants.BaseUrl) };
        return client;
    }
var apiResponse = RestService.For<T>(PreparedClient());
abubakar ahmed
  • 1
  • 1