•   about 10 years ago

SSL cert problem

Are you using self-signed certs?

  • 11 comments

  •   •   about 10 years ago

    I'm also receiving an error about SSL/TLS cert, while trying to connect to https://greenbutton.affsys.com/a3p/api/v1/Custodian/1/Auth/

    {System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
    at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
    at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
    at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
    --- End of inner exception stack trace ---
    at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
    at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)}

  •   •   about 10 years ago

    what type of app you are using? Mobile, asp?

  •   •   about 10 years ago

    ASP.Net

  •   •   about 10 years ago

    Try the hack
    ServicePointManager.ServerCertificateValidationCallback = delegate(object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; };

    let me know please if it worked for you

  •   •   about 10 years ago

    So that fixed the SSL/TLS cert issue, but using the Custodian/1/Auth/ link I get:

    "Unexpected response Content-Type text/html"

  •   •   about 10 years ago

    I would like first to know what URIs should I use at all. It seems that standards don't match what's in the test lab. See my discussion "Consumer Authentication Path"

  •   •   about 10 years ago

    I have been; I follow you exactly. Instructions are quite sparse and not quite clear. It looks like the Custodian already setups the Authorization steps as it providers you with a Refresh Token and Access Token.

  •   •   about 10 years ago

    Yes but as I understand we cannot use that tokens in app. This tokens should be specific to the customer so getting them should be done from your app

  •   •   about 10 years ago

    For purpose of the contest, access tokens can also be acquired for your mobile application using the Authorized Third Party (ATP) portal in the Test Lab. First register your application in the ATP portal using the "Application | Register" option in the Administration menu. Afterward, you can use the ATP to go through the authorization process for your application and to display the access token you can then use in your mobile app for subsequent data accesses.

  •   •   about 10 years ago

    According to contest requirements I need to provide the installation package. In this case my app can work only with one fixed user which received tokens via portal. Is that acceptable?

  •   •   about 10 years ago

    A fully functional application is obviously more ideal i.e. one capable of exercising the registration, authorization, and data access elements of the API. Not all participants creating a mobile application may have the requisite infrastructure for the authorization piece and so this a way to allow for the application to be created, tested and demonstrated in that case.

    Let me get clarification on the question of "acceptability".

Comments are closed.