Splunk Dev

NetCore 2.1 - how to handle "Invalid Certificate" issue?

klassesen
New Member

Using latest NetCore Splunk.Client,

The following fails

   ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
        {
            return true;
        };
        Service service = new Service(new Uri(SplunkBaseUri));
        var task = service.LogOnAsync("Jas", "1234");
        task.Wait();
        return service;

With
* AuthenticationException: The remote certificate is invalid according to the validation procedure.
* HttpRequestException: The SSL connection could not be established, see inner exception.

If I write it using HttpClient, i.e.

     HttpClient client = new HttpClient(new HttpClientHandler
                {
                    ServerCertificateCustomValidationCallback = (message, certificate2, arg3, arg4) => true
                })
                {
                    BaseAddress = baseAddress
                };

This does not happen. How do we do this with the new Splunk.client?

Labels (1)
0 Karma

lettucemode
New Member

For those who stumble onto this question from a search engine (like me), here is how I fixed this. .Net Core changed how ServicePointManager works, so instead of doing the override suggested in the Splunk docs, you need to provide a custom handler to the Context object. Like so:

 

var handler = new WinHttpHandler();
handler.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
var ctx = new Context(Scheme.Https, "your_splunk_enterprise_url", 8089, default, handler);
this._splunkService = new Service(ctx);
await this._splunkService.LogOnAsync("username", "password");

 

After doing this the LogOnAsync method no longer returns the error about invalid certificate validation procedure etc. My app is targeting .NET Core 3.1.

Mods - can we get this added to the official documentation, perhaps?

0 Karma

ThisNoName
New Member

Should probably consider using HttpClient instead WinHttp.

var handler = new HttpClientHandler
{
    ServerCertificateCustomValidationCallback =

        (sender, cert, chain, sslPolicyErrors) => { return true; }
};

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...