Forum Xamarin.Forms

Client handler not recognizing my trusted API certificate

LuizNegriniLuizNegrini USMember ✭✭
edited November 2019 in Xamarin.Forms

I have a problem using HttpClientHandler, when I use a new instantiated API calls are considered unreliable, when using native this does not happen, does anyone know what may be happening? Or what must be done to make my handler behave properly?

Below are the code snippets where I instantiate and use it.

private static HttpClient ConfigureClient(string endpoint)
{
    return new HttpClient(_authenticatedHttpClientHandler)
    {
        BaseAddress = new Uri($"{Endpoints.FULL_URL}/{endpoint}"),
        Timeout = new TimeSpan(0, 0, ServiceConfiguration.TIMEOUT)
    };
}

public static void RegisterContainer(IContainerRegistry container)
{
     _authenticatedHttpClientHandler = new AuthenticatedHttpClientHandler();

    container.RegisterInstance(_authenticatedHttpClientHandler);
}

The certificate was created using the Let's Encrypt (wildcard) tutorial.

Stacktrace:

{System.Net.WebException: Error: TrustFailure (Authentication failed, see inner exception.) ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Mono.Security.Interface.TlsException: CertificateUnknown
at Mono.AppleTls.AppleTlsContext.EvaluateTrust () [0x000bf] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.AppleTls/AppleTlsContext.cs:306
at Mono.AppleTls.AppleTlsContext.ProcessHandshake () [0x00075] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.AppleTls/AppleTlsContext.cs:213
at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake (Mono.Net.Security.AsyncOperationStatus status, System.Boolean renegotiate) [0x000da] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:840
at Mono.Net.Security.AsyncHandshakeRequest.Run (Mono.Net.Security.AsyncOperationStatus status) [0x00000] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:289
at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (System.Threading.CancellationToken cancellationToken) [0x000fc] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:223
--- End of inner exception stack trace ---
at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Boolean runSynchronously, Mono.Net.Security.MonoSslAuthenticationOptions options, System.Threading.CancellationToken cancellationToken) [0x0025c] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:406
at Mono.Net.Security.MonoTlsStream.CreateStream (System.Net.WebConnectionTunnel tunnel, System.Threading.CancellationToken cancellationToken) [0x00176] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs:137
at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x00170] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/WebConnection.cs:222
--- End of inner exception stack trace ---
at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x00208] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/WebConnection.cs:234
at System.Net.WebConnection.InitConnection (System.Net.WebOperation operation, System.Threading.CancellationToken cancellationToken) [0x000f7] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/WebConnection.cs:263
at System.Net.WebOperation.Run () [0x00052] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/WebOperation.cs:268
at System.Net.WebCompletionSource1[T].WaitForCompletion () [0x0008e] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/WebCompletionSource.cs:111 at System.Net.HttpWebRequest.RunWithTimeoutWorker[T] (System.Threading.Tasks.Task1[TResult] workerTask, System.Int32 timeout, System.Action abort, System.Func`1[TResult] aborted, System.Threading.CancellationTokenSource cts) [0x000e8] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/System.Net/HttpWebRequest.cs:956
at System.Net.Http.MonoWebRequestHandler.SendAsync (System.Net.Http.HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) [0x0029b] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System.Net.Http/MonoWebRequestHandler.cs:485 }

Answers

  • jezhjezh Member, Xamarin Team Xamurai

    What's the value in your .csproj file for the key <MtouchTlsProvider>? The option values are Default and Legacy ,and Default is the Apple TLS provider , while Legacy is the Mono TLS provider .

    It is recommened to use TLS 1.2, while TLS 1.0 has been outdated.

  • LuizNegriniLuizNegrini USMember ✭✭
    edited November 2019

    @jezh said:
    What's the value in your .csproj file for the key <MtouchTlsProvider>? The option values are Default and Legacy ,and Default is the Apple TLS provider , while Legacy is the Mono TLS provider .

    It is recommened to use TLS 1.2, while TLS 1.0 has been outdated.

    NSUrlSessionHandler is a tag closest to what you said, that you commented on and has no value. I don't have the one you mentioned.

  • jezhjezh Member, Xamarin Team Xamurai

    Could you please post a baisc demo so that we can reproduce this question on our side?

  • LuizNegriniLuizNegrini USMember ✭✭

    @jezh said:
    Could you please post a baisc demo so that we can reproduce this question on our side?

    I can't because it's not that simple, I can't create an api to test this unfortunately. It would only be possible using the API I want to consume because I don't know any other that is public so we can perform tests.

Sign In or Register to comment.