0

I am trying this code to get a SSRS report from the SSRS server:

var uri = new Uri("https://localhost/Reports/report/Fault%20Diagnostics%20Coverage%20Summary");
            var credentialsCache = new CredentialCache();
            credentialsCache.Add(uri, "Negotiate", new NetworkCredential("domain\\username", "password"));
            var handler = new HttpClientHandler() { Credentials = credentialsCache, PreAuthenticate = true };

            using (var client = new HttpClient(handler))
            {
                var response = client.GetAsync("https://localhost/Reports/report/reportname").Result;

                if (response.IsSuccessStatusCode)
                {
                    var responseContent = response.Content;

                    // by calling .Result you are synchronously reading the result
                    string responseString = responseContent.ReadAsStringAsync().Result;

                    Response.Write(responseString);
                }
            }

I was able to get this code working but lost that code. Now all I get is this:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure

Please help.

Thanks

Update: After adding this code:

handler.ServerCertificateCustomValidationCallback =
                (httpRequestMessage, cert, cetChain, policyErrors) =>
                {
                    return true;
                };

I am getting 401.

Mark
  • 4,535
  • 7
  • 39
  • 76
  • It sounds like the remote server doesn't have a valid SSL certificate. – ProgrammingLlama Jan 14 '22 at 16:53
  • 1
    Looks like you're using a self-signed certificate for `localhost`, and haven't added that to the trusted certificates on the computer where this code is running. – Richard Deeming Jan 14 '22 at 16:53
  • Can you please explain a bit more? Also I have updated my code. – Mark Jan 14 '22 at 16:59
  • Re your update: that disables all checking that the server has a valid SSL certificate. SSL provides both encryption and server identity verification. Without this protection, your application will be vulnerable to man-in-the-middle attacks. – ProgrammingLlama Jan 14 '22 at 17:01
  • 1
    I understand that, but for now (it's a POC) I just need to run it. The sad part is that I am not a c# developer. – Mark Jan 14 '22 at 17:02
  • Noted. I just wanted to be clear with the warning because I see people blindly using it without any care for the consequences (and people giving that as a solution with no warnings). Re installing the local dev certificate (assuming it's the Visual Studio one running at `https://localhost`) see here: https://stackoverflow.com/questions/39189755/enable-ssl-in-visual-studio-not-prompted-to-install-certificate – ProgrammingLlama Jan 14 '22 at 17:05
  • Thank you. Since we are on the subject, is it possible to avoid using real user name and a password? – Mark Jan 14 '22 at 17:12
  • @Llama. Looking into the link I am sure what I have to do. I am not running it from VS. I am running web app in the Browser. The app itself is running using https. Also, the report when is run directly in the Browser works fine. So, I dont know where to add the certicate. – Mark Jan 14 '22 at 17:16
  • The server running at https://local host has what is presumably a self-signed SSL certificate. You need to add that to your computer's certificate store if you wish it to be accepted by the browser and by your code without using hacks like the code above. The fact your system doesn't validate the certificate should be evident if you visit https://localhost/ in your browser. It will tell you the page is insecure or not safe. – ProgrammingLlama Jan 14 '22 at 17:46

0 Answers0