Ignoring certificate errors with HTTPS

Question

0.00/5 (No votes)

See more:

So, my boss told me we need to download some data from another team's site -- within the company domain, it's trustworthy, right? -- but they have a bad certificate (wrong name for the server or some such).

I'm sure they'll get it straightened out by the time we need to get this feed into production (can you hear my eyes roll?).

Anyway, I'm working on the code, it's not difficult, but I have to deal with the system popping up a window prompting whether or not I really want to continue (gasp!).

So, what other options might there be to tell the system to ignore the error or otherwise trust the bad certificate?

.net 4.6.1

What I have tried:

I'm trying to use a System.Net.WebClient or System.Net.HttpWebRequest and neither is succeeding.
I have it working with a System.Windows.Forms.WebBrowser -- which is why I get a pop-up -- but I need the eventual solution to be hands-free.

I have the code for providing an always-true response from:
ServicePointManager.ServerCertificateValidationCallback
Which works in other situations, but not this one.

Posted 14-Dec-19 6:18am

PIEBALDconsult

Updated 14-Dec-19 6:55am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

phil.o · Answer 1 · 2019-12-14T06:55:00

Did you try to install offending certificate in the list of trusted sources for the account under which the program is running?

dos

mmc -a
... add a component to the mmc to handle certificates
... etc.

I had to do this a few months ago to be able to access a wiki running in a private vm. I remember that the CA which signed the certificate had to be in the list of trusted authorities, too (and that could be true for all CAs up in the chain, eventually).