HTTPS Connecting too

  • Thread starter Thread starter RossSmith
  • Start date Start date
R

RossSmith

I wrote some code as a windows service to send and retrieve a XML file
from another web site. I'm reading and writing streams. All was
working fine until they changed from HTTP to HTTPS. Now I get the 403
Access denied error. I did connect through Internet explorer and it
worked but I got the error box saying the cert was not quite correct
and did I want to continue. That's all well and good but I need to be
able from code to tell the web site to continue anyway. Does anyone
have a suggestion on how to solve this? Thanks in advance.
 
RossSmith said:
I wrote some code as a windows service to send and retrieve a XML file
from another web site. I'm reading and writing streams. All was
working fine until they changed from HTTP to HTTPS. Now I get the 403
Access denied error. I did connect through Internet explorer and it
worked but I got the error box saying the cert was not quite correct
and did I want to continue. That's all well and good but I need to be
able from code to tell the web site to continue anyway. Does anyone
have a suggestion on how to solve this? Thanks in advance.
Click to expand...

The whole point of certificates is that if the server and client
certificates don't match, you *can't* force the browser to continue
anyway. Doing so would give a false sense of security to the user.
 
RossSmith said:
I wrote some code as a windows service to send and retrieve a XML file
from another web site. I'm reading and writing streams. All was
working fine until they changed from HTTP to HTTPS. Now I get the 403
Access denied error. I did connect through Internet explorer and it
worked but I got the error box saying the cert was not quite correct
and did I want to continue. That's all well and good but I need to be
able from code to tell the web site to continue anyway. Does anyone
have a suggestion on how to solve this? Thanks in advance.
Click to expand...

<rant>
Using HTTPS in a business app with an invalid certificate is plain stupid.
</rant>

Ross, you didn't describe your service's implementation detailed enough. Are
you using (Http)WebRequest, WebClient, or plain sockets? If you're using
(Http)WebRequest or WebClient, implementing an appropriate
ICertificatePolicy will do the trick.

Cheers,
 
Thanks for both of your replies. As it turns out after almost 40 hours
or more of trying to figure this out I did. I had two errors. First I
was using UTF8Encoding and not AsciiEncoding. To be honsest I don't
know what thats for but it was producing a protocol error (I think).
Sencond and correctly put by Joerg Jooss I did need to put in a cert
that always returned true. This got me pas the error prompt. By the
way to the rant, once this is all tested the cert will be on the
correct box and the error message will go away. Thanks all for your
replies. It nice to know help is available if necessary.
 
RossSmith said:
Thanks for both of your replies. As it turns out after almost 40 hours
or more of trying to figure this out I did. I had two errors. First I
was using UTF8Encoding and not AsciiEncoding. To be honsest I don't
know what thats for but it was producing a protocol error (I think).
Sencond and correctly put by Joerg Jooss I did need to put in a cert
that always returned true. This got me pas the error prompt. By the
way to the rant, once this is all tested the cert will be on the
correct box and the error message will go away. Thanks all for your
replies. It nice to know help is available if necessary.
Click to expand...

You're welcome. BTW, once the correct certificate is installed, you can (and
should) dump your work-around ICertificate implementation, otherwise your
application trusts the server side blindly ;-)

Cheers,
 
Back
Top