faniereynders
commented
9 years ago Hi @pauliusg have you found a workaround for this?
Closed pauliusg closed 8 years ago
faniereynders
commented
9 years ago Hi @pauliusg have you found a workaround for this?
pauliusg
commented
9 years ago Hi,
Currently I have 2 endpoints (http and https) and later I can set the right one from code: WebApi.Proxies.Configuration.PosWebApiProxyBaseAddress = ...
Also for client I have to provide my requests handler:
var handler = new WebRequestHandler();
handler.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
using (var client = new UpdateProcessedImageClient(handler))
{
}Custom handler is not a problem at all, but problem if third party WebAPI provider has only https endpoint with self-signed certificate. I am very happy that my third party provides both :)
faniereynders
commented
9 years ago You can also wrap your the handler.ServerCertificateValidationCallback(...) call in conditional compilation directives like DEBUG for example in your development environment
pauliusg
commented
9 years ago Thing is, that my third party will have self-signed cert even in production. I don't like that but I can't change that.
As I said, I have my workarounds, but it would be nice to have attribute in config to allow generate client from server which has invalid SSL cert.
wolfen351
commented
8 years ago Is the issue the generation or runtime? Reading between the lines it looks like generation time, if so we could just add the config setting as you describe..
pauliusg
commented
8 years ago Yes, issue is only in the generation.
faniereynders
commented
8 years ago So if I understand it correctly, the proxy endpoint is over HTTPS and the generation fails on the development machine because there's no self-signed certificate? Also, if you're saying two endpoints, do you mean one for development (using HTTP) and one for production (using HTTPS)?
pauliusg
commented
8 years ago Guys you are talking about the same thing again. Currently I have no issues with my project because endpoint can be accessed by http or https, so I run generation over http and later from code I change endpoint to https also I set ServerCertificateValidationCallback to always return true.
Issue is in client generation.
But I think for other WebApiProxy users who have only HTTPS endpoint with self signed certificate it would be great to have attribute allowUntrustedSsl in configuration. If you don't want to implement that, please close this issue. I don't care.
faniereynders
commented
8 years ago This issue has been discussed over and over in #79 and due to low demand and priority it was decided to not implement for now (at least). When there's more demand for this feature we could look at it again in the future. Thank you for your contribution @pauliusg! :clap:
Because now command WebApiProxy-Generate-CSharp fails on https if you use self-signed SSL certificate for your WebApi.