"The remote certificate is invalid according to the validation procedure" using HttpClient
The issue you are experiencing is because the subject CN presented by the certificate does not match the host name in the Uri.
Make sure that the certificate bound to the public IP address of the host does have a matching CN with the host name you are using to access the resource.
To easily verify, open the Url in a browser and view the certificate. The Issued to field should contain a FQDN and match the host name part in the Uri. In your case, it does not.
Insert this piece of code on procedure body:
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback =
delegate (object sender, X509Certificate certificate, X509Chain
chain, SslPolicyErrors sslPolicyErrors)
{
return true;
};
....
}
The answer from @Qosai was unfortunately not enough for me, at least in a SignalR 3.1 client, as the websocket part also validates SSL certificates. ClientCertificateOptions needs to be set to Manual as well.
I found a post by a SignalR contributor that got me working:
_connection = new HubConnectionBuilder()
.WithUrl(new Uri(hub_uri), options => {
options
.Cookies
.Add(http_helper.loginCookie);
var handler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
ServerCertificateCustomValidationCallback = (httpRequestMessage, cert, cetChain, policyErrors) => true
};
options.HttpMessageHandlerFactory = _ => handler;
options.WebSocketConfiguration = sockets =>
{
sockets.RemoteCertificateValidationCallback = (sender, certificate, chain, policyErrors) => true;
};
})
.Build();
PS: If you still have issues, have a look at this article on how to enable logging properly. For my case it was a bit tricky because xUnit does not show console output. Therefore i enabled debugging logging to a file (not in the snippet)