RestSharp - Ignore SSL errors

Question

Is there any whay that I can get RestSharp to ignore errors in SSL certificates? I have a test client, and the service I connect to does not yet have a valid cetificate.

Answer 1

As John suggested:

ServicePointManager.ServerCertificateValidationCallback +=
        (sender, certificate, chain, sslPolicyErrors) => true;

Answer 2

You can bypass ssl check

In object level:

(available in RestSharp v106.0.0 and later)

//bypass ssl validation check by using RestClient object
var restClient = new RestClient(baseUrl);
restClient.RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;

OR

In application level:

//bypass ssl validation check globally for whole application.
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;

Answer 3

There is a better solution than modifying your code. Ideally you want a solution that will simulate the conditions you will see in production and modifying your code won't do that and could be dangerous if you forget to take the code out before you deploy it.

You will need a self-signed certificate of some sort. If you're using IIS Express you will have one of these already, you'll just have to find it. If you don't have it already, open Firefox or whatever browser you like and go to your website. You should be able to view the certificate information from the URL bar and depending on your browser you should be able to export the certificate.

Next, open MMC.exe, and add the Certificate snap-in. Import your certificate file into the Trusted Root Certificate Authorities store and that's all you should need.

Now, your computer as a whole will implicitly trust any certificates that it has generated itself and you won't need to add code to handle this specially. When you move to production it will continue to work provided you have a proper valid certificate installed there.