Remote client SSL verification error
afshinm opened this issue · 1 comments
afshinm commented
Describe the bug
In order to connect to the .NET Framework app using the Remote Client feature, we use an IP:PORT combination which means the SSL handshake fails because the request Host
header is invalid.
Is it possible to either disable SSL check entirely or add a custom header to the Remote Client requests?
Exceptions (if any)
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch
Further technical details
Please include the following if applicable:
ASP.NET Framework Application:
- Technologies and versions used (i.e. MVC/WebForms/etc): MVC 5
- .NET Framework Version: 4.7.2
- IIS Version: 10.0.22621
- Windows Version: 10
afshinm commented
The BackchannelClient
can be customized to either pass the Host
header to the .NET Framework side or disable SSL handshake entirely (not recommended). Here is an example:
var proxyUri = new Uri(Configuration["ProxyTo:Uri"]);
services.AddSystemWebAdapters()
.AddRemoteAppClient((options) =>
{
options.BackchannelClient = new HttpClient(new HttpClientHandler { UseCookies = false, AllowAutoRedirect = false });
options.BackchannelClient.BaseAddress = proxyUri;
options.BackchannelClient.DefaultRequestHeaders.Add("Host", Configuration["ProxyTo:Hostname"]);
options.BackchannelClient.DefaultRequestHeaders.Add(options.ApiKeyHeader, apiKey);
options.RemoteAppUrl = proxyUri;
options.ApiKey = apiKey;
})
.AddAuthenticationClient(true);