System.Net.Http.WinHttpException: A security error occurred

908 views
Skip to first unread message

Adrian Cockburn

unread,
Nov 1, 2017, 10:54:35 AM11/1/17
to RavenDB - 2nd generation document database
I am trying to access a v3.5 Raven Database from an Asp.Net Core app (netcoreapp2.0), client and server both using build #35223.
Raven is setup to use SSL with a Self Signed Certificate, the Raven config has IgnoreSslCertificateErrors set to All.
The certificate is installed and the studio works in the browser as expected after accepting the cert.

Accessing the same database from an existing Full Framework 4.6 app works fine, after I've setup a ServerCertificateValidationCallback handler to ignore errors for my self signed cert.
Adding the same handler to the .Net Core app, it never comes in there and the request never makes it to Raven.

It looks like this global ServerCertificateValidationCallback on the ServicePointManager is no longer supported in .Net Core. The preferred method now seems to be to use ServerCertificateCustomValidationCallback on a HttpClientHandler, but this then needs to be passed to your HttpClient constructor. I do not see away of achieving this with the v3.5 Raven.Client. 

Is there some method I can use to inject a custom handler in the HttpClient used by the Raven.Client?
Or some other method I am missing to make this work with Self Signed Certs in .Net Core?


Thanks,
Adrian.


Oren Eini (Ayende Rahien)

unread,
Nov 1, 2017, 12:28:40 PM11/1/17
to ravendb
Here is how you can configure the http handler:

store.JsonRequestFactory.ConfigureRequest += (sender, args) => {
 var webRequestHandler = new WebRequestHandler {
   UnsafeAuthenticatedConnectionSharing = true,
   PreAuthenticate = true
   };
 args.Client = new HttpClient(webRequestHandler);
};

Hibernating Rhinos Ltd  

Oren Eini l CEO Mobile: + 972-52-548-6969

Office: +972-4-622-7811 l Fax: +972-153-4-622-7811

 


--
You received this message because you are subscribed to the Google Groups "RavenDB - 2nd generation document database" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ravendb+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Wallace Turner

unread,
Apr 10, 2019, 4:05:23 AM4/10/19
to RavenDB - 2nd generation document database
if `WebRequestHandler` cannot be found you may need to add a reference to `System.Net.Http.WebRequest`


To unsubscribe from this group and stop receiving emails from it, send an email to rav...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages