Exception: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel

廉价感情. 提交于 2021-02-07 07:58:44

问题


for firebase notification code

WebRequest tRequest = WebRequest.Create("https://fcm.googleapis.com/fcm/send"); 
tRequest.Method = "post";
tRequest.ContentType = "application/json";
var data = new{collapse_key = "unassigned", to = deviceToken,data = new
  {body = message,title = title,sound = "default"}
};

message to pass for notifaction on mobile

var serializer = new JavaScriptSerializer();
var json = serializer.Serialize(data);
Byte[] byteArray = Encoding.UTF8.GetBytes(json);
tRequest.Headers.Add(string.Format("Authorization: key={0}", applicationId));
tRequest.Headers.Add(string.Format("Sender: id={0}", senderId));
tRequest.ContentLength = byteArray.Length;

error occur here below code

using (Stream dataStream = tRequest.GetRequestStream())
{ 
  dataStream.Write(byteArray, 0, byteArray.Length);
 using (WebResponse tResponse = tRequest.GetResponse())
  { 
    using (Stream dataStreamResponse = tResponse.GetResponseStream())
    { 

   //code 1
    }     
  }   
}  

回答1:


The exception in the title says that you are connecting to an endpoint with TLS encryption, and the certificate exposed by that endpoint is not trusted by you. This means that is not signed with a certificate that you have in your CA (Certificate Authority) Store. Like a self-signed certificate.

If the certificate is self signed, you can add it to your CA Store. If not, you can try to navigate the endpoint with your browser, and look for a copy of the certificate that the endpoint is presenting, to manually trust it. (Beware that by doing this if the endpoint has been already compromised you're manually trusting its certificate.)

You can also avoid this check by adding a custom certificate validation handler that always returns valid! (true). But, please be aware that doing this will expose you to man-in-the-middle attacks, as you'll loose the ability to check the endpoints authenticity.

ServicePointManager
    .ServerCertificateValidationCallback += 
    (sender, cert, chain, sslPolicyErrors) => true;



回答2:


I don't why using this line of code stated above

ServicePointManager
    .ServerCertificateValidationCallback += 
    (sender, cert, chain, sslPolicyErrors) => true;

i could not made it work

So but using it this way worked properly:

internal static bool ValidateServerCertificate(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    return true;
}
ServicePointManager.ServerCertificateValidationCallback  = ValidateServerCertificate;



回答3:


  1. The calling web and API site should have same SSL certificate I use “IIS Express Development Certificate”

  2. Export your certificate to local file Export Certificate

  3. Import your certificate to “Trusted Root Certification Authorities” folder in “ConsoleCertificate”

Import it into trust root




回答4:


This worked for me.

ServicePointManager
  .ServerCertificateValidationCallback += 
  (sender, cert, chain, sslPolicyErrors) => true;

I tested it several times with and without. Definitely took care of the problem.



来源:https://stackoverflow.com/questions/41519935/exception-the-underlying-connection-was-closed-could-not-establish-trust-relat

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!