Splunk Dev

NetCore 2.1 - how to handle "Invalid Certificate" issue?

klassesen
New Member

Using latest NetCore Splunk.Client,

The following fails

   ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
        {
            return true;
        };
        Service service = new Service(new Uri(SplunkBaseUri));
        var task = service.LogOnAsync("Jas", "1234");
        task.Wait();
        return service;

With
* AuthenticationException: The remote certificate is invalid according to the validation procedure.
* HttpRequestException: The SSL connection could not be established, see inner exception.

If I write it using HttpClient, i.e.

     HttpClient client = new HttpClient(new HttpClientHandler
                {
                    ServerCertificateCustomValidationCallback = (message, certificate2, arg3, arg4) => true
                })
                {
                    BaseAddress = baseAddress
                };

This does not happen. How do we do this with the new Splunk.client?

Labels (1)
0 Karma

lettucemode
New Member

For those who stumble onto this question from a search engine (like me), here is how I fixed this. .Net Core changed how ServicePointManager works, so instead of doing the override suggested in the Splunk docs, you need to provide a custom handler to the Context object. Like so:

 

var handler = new WinHttpHandler();
handler.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
var ctx = new Context(Scheme.Https, "your_splunk_enterprise_url", 8089, default, handler);
this._splunkService = new Service(ctx);
await this._splunkService.LogOnAsync("username", "password");

 

After doing this the LogOnAsync method no longer returns the error about invalid certificate validation procedure etc. My app is targeting .NET Core 3.1.

Mods - can we get this added to the official documentation, perhaps?

0 Karma

ThisNoName
New Member

Should probably consider using HttpClient instead WinHttp.

var handler = new HttpClientHandler
{
    ServerCertificateCustomValidationCallback =

        (sender, cert, chain, sslPolicyErrors) => { return true; }
};

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...