Remote client SSL verification error

Question

Remote client SSL verification error

afshinm opened this issue a year ago · 1 comments

Describe the bug

In order to connect to the .NET Framework app using the Remote Client feature, we use an IP:PORT combination which means the SSL handshake fails because the request Host header is invalid.

Is it possible to either disable SSL check entirely or add a custom header to the Remote Client requests?

Exceptions (if any)

      System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
       ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch

Further technical details

Please include the following if applicable:

ASP.NET Framework Application:

Technologies and versions used (i.e. MVC/WebForms/etc): MVC 5
.NET Framework Version: 4.7.2
IIS Version: 10.0.22621
Windows Version: 10

Answer 1 · 2023-08-17T09:56:51.000Z

The BackchannelClient can be customized to either pass the Host header to the .NET Framework side or disable SSL handshake entirely (not recommended). Here is an example:

            var proxyUri = new Uri(Configuration["ProxyTo:Uri"]);

            services.AddSystemWebAdapters()
                .AddRemoteAppClient((options) =>
                {
                    options.BackchannelClient = new HttpClient(new HttpClientHandler { UseCookies = false, AllowAutoRedirect = false });
                    options.BackchannelClient.BaseAddress = proxyUri;
                    options.BackchannelClient.DefaultRequestHeaders.Add("Host", Configuration["ProxyTo:Hostname"]);
                    options.BackchannelClient.DefaultRequestHeaders.Add(options.ApiKeyHeader, apiKey);

                    options.RemoteAppUrl = proxyUri;
                    options.ApiKey = apiKey;
                })
                .AddAuthenticationClient(true);