Jerry Nixon @Work: WebRequest and SSL

Jerry Nixon on Windows

Tuesday, March 1, 2005

WebRequest and SSL

WebRequest and SSL (The underlying connection was closed. Could not establish trust relationship with remote server.)

Wholly Handy, Batman.

I hit this error and was stuck. My application was sending Web Service calls from one machine to another across SSL and I had only tested straight-HTTP. Once the errors started coming I realized I need an SSL testing environment. Nonetheless, an implementation of ICertificatePolicy was the answer. No wonder bloggers are Time's people of the year!

Note: The reason for my error is that we were using the IP address and the common name on the SSL certificate was not an IP address so there was not a match. This was the same error IE gave me when I would nav to it in the browser. This is such a common problem with SSL - it's not unwise to ignore the common name IMHO.

I might add that this is not a great approach in certain circumstances when you need to handle the expiry of certificates and other things. In the case of that, there is a sample on MSDN that shows what to do Here.

Update! Having the problem still bug me and the implementation not work as expected, I did some more searching and found this MSDN article that shows how to make a change in the Machine.Config to make this a global solution without a code change.

In the Machine.Config change
servicePointManager checkCertificateName="true"
to be
servicePointManager checkCertificateName="false"