admin管理员组

文章数量:1392003

I am attempting to subscribe to a graphql server over ssl on an untrusted cert. My javascript is doing this successfully as long as I've previously trusted the cert in the browser. However, When using this code in .Net Core

var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));

The exception clearly states this is due to the ssl cert not being trusted. I need to find a way for C# to allow the untrusted cert.

I have tried the following:

var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.ServerCertificateCustomValidationCallback =
    (httpRequestMessage, cert, cetChain, policyErrors) =>
    {
        return true;
    };
var graphQLClient = new GraphQLHttpClient(url, new NewtonsoftJsonSerializer(), new HttpClient(handler));
var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));
var subscription = subscriptionStream.Subscribe((Action<GraphQLResponse<CustomObject>>)(response =>
{
    ...
}));

I have also tried

var graphQLClient = new GraphQLHttpClient(o => {
    o.WebSocketEndPoint = new Uri(url);
    o.UseWebSocketForQueriesAndMutations = false;
}, new NewtonsoftJsonSerializer());
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));
var subscription = subscriptionStream.Subscribe((Action<GraphQLResponse<CustomObject>>)(response =>
{
    ...
}));

Both cases result in the untrusted cert exception being thrown. I have also tried installing the self-signed ca cert and the self-signed cert on the windows machine running this code.

Any Ideas? Buying a ca trusted cert is not an acceptable answer. I'll reiterate that I can connect over ssl to the same server with javascript, so it's nothing server side.

I am attempting to subscribe to a graphql server over ssl on an untrusted cert. My javascript is doing this successfully as long as I've previously trusted the cert in the browser. However, When using this code in .Net Core

var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));

The exception clearly states this is due to the ssl cert not being trusted. I need to find a way for C# to allow the untrusted cert.

I have tried the following:

var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.ServerCertificateCustomValidationCallback =
    (httpRequestMessage, cert, cetChain, policyErrors) =>
    {
        return true;
    };
var graphQLClient = new GraphQLHttpClient(url, new NewtonsoftJsonSerializer(), new HttpClient(handler));
var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));
var subscription = subscriptionStream.Subscribe((Action<GraphQLResponse<CustomObject>>)(response =>
{
    ...
}));

I have also tried

var graphQLClient = new GraphQLHttpClient(o => {
    o.WebSocketEndPoint = new Uri(url);
    o.UseWebSocketForQueriesAndMutations = false;
}, new NewtonsoftJsonSerializer());
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
var subscriptionStream = graphQLClient.CreateSubscriptionStream<CustomObject>(graphqlRequest,
    (Action<WebSocketException>)(response => {
        Console.WriteLine(response);
    }));
var subscription = subscriptionStream.Subscribe((Action<GraphQLResponse<CustomObject>>)(response =>
{
    ...
}));

Both cases result in the untrusted cert exception being thrown. I have also tried installing the self-signed ca cert and the self-signed cert on the windows machine running this code.

Any Ideas? Buying a ca trusted cert is not an acceptable answer. I'll reiterate that I can connect over ssl to the same server with javascript, so it's nothing server side.

  • graphql
  • ssl-certificate
  • self-signed
  • graphql-dotnet
  • trusted-vs-untrusted
Share Improve this question asked Mar 15 at 16:04 tantonjtantonj 11 bronze badge
Add a comment  | 

1 Answer 1

Reset to default 0

For subscriptions, I am creating my graphQLHttpClient like this :

var graphQLHttpClient = new GraphQLHttpClient(graphQLOptions, new NewtonsoftJsonSerializer());

Where:

var graphQLOptions = new GraphQLHttpClientOptions
{
  ...
  ConfigureWebsocketOptions = s => {
    s.RemoteCertificateValidationCallback = (sender, cert, chain, sslPolicyErrors) => { return true; };
  }
};

Hope this helps!

本文标签: graphqlNET GraphQLHttpClient with untrusted ssl certStack Overflow

版权声明:本文标题:graphql - .NET GraphQLHttpClient with untrusted ssl cert - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1744609676a2615576.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。