0

I'm trying to send user a password reset link but when it comes to the Smtp.send stage, I got error saying that The remote certificate is invalid according to the validation procedure.

I'm not using Gmail to send this, I'm using our own domain mail server. Will it be issue for this matter ?

this is the sample of the code.

var smtp = new SmtpClient {
  Host = "mail.sample.com",
    Port = 587,
    EnableSsl = true,
    DeliveryMethod = SmtpDeliveryMethod.Network,
    UseDefaultCredentials = false,
    Credentials = new NetworkCredential(fromEmail.Address, fromEmailPassword)

};
using(var message = new MailMessage(fromEmail, toEmail) {
  Subject = subject,
    Body = body,
    IsBodyHtml = true
})

smtp.Send(message);
Yrox Mk
  • 49
  • 10
  • Is the certificate valid? Is the date and time on the client machine correct? – ProgrammingLlama Dec 23 '21 at 03:51
  • @Llama Date and times are correct, I have googled the issue, there are some threads that need to manually add certificate to the project. but couldn't find a proper guide to do that. Not sure same issue I got also – Yrox Mk Dec 23 '21 at 03:58

1 Answers1

1

I resolved it by adding these codes to mine

This line added before the using(var message = new MailMessage(fromEmail, toEmail) {

 ServicePointManager.ServerCertificateValidationCallback =new RemoteCertificateValidationCallback(ValidateServerCertificate);

and this method

public static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
  if (sslPolicyErrors == SslPolicyErrors.None)
    return true;
  else {
    return true;

  }
}

This resolved my issue. Main link "The remote certificate is invalid according to the validation procedure." using Gmail SMTP server

Yrox Mk
  • 49
  • 10
  • 1
    Be aware that this means that your whole application no longer validates the authenticity of any SSL certificate it encountered. So if you are working with https://api.some.bank and somebody manages to intercept your application's connection, they can substitute a fake SSL certificate and your application will never know. You should modify `ValidateServerCertificate` to specifically validate your mail server's certificate, and if it's not that one default to the standard validation. Or, the all-round better solution is to use a valid certificate on the server. – ProgrammingLlama Dec 23 '21 at 04:38
  • @Llama I Didn't knew that part. So can you explain me how to use a valid certificate to the server ? – Yrox Mk Dec 23 '21 at 09:53
  • As explained by @DiplomacyNotWar, this is not a solution. This is a workaround that can be used during development. Please, do not use this code in production. – pradeep Mar 17 '22 at 12:28