Xamarin Android Web Service over HTTPS

Question

I'm having some difficulties consuming a web service that is available only over https.

I have read posts from several other people who is having issues with achieving this as well, but none of the answers I have seen so far has fixed the problem for me, so I will try to explain my issue here and hope some of you know how to get past this obstacle.

I'm using Xamarin Studio 6.1.1 developing for Android specifically. I have set the "HttpClient Implementation" under "Android Build" for the project to "AndroidClientHandler" (which appears to be the latest implementation and should support TLS 1.2).

I have added a web reference (not as WCF) to the web service and supplied the login information when prompted... So far everything is going as expected.

Note: I have tested the web service from a console application in Visual Studio and it works as expected.

However, when I attempt to call one of the methods of the web service I get the same error that I can see so many others have encountered before me which is this "Error: TrustFailure (The authentication or decryption has failed.)".

I have tried several of the previous posted solutions but nothing seems to help.

1.A) providing the callback function for ServicePointManager:

ServicePointManager.ServerCertificateValidationCallback += CertificateValidationCallBack;

1.B) the callback function:

private static bool CertificateValidationCallBack(
     object sender,
     System.Security.Cryptography.X509Certificates.X509Certificate certificate,
     System.Security.Cryptography.X509Certificates.X509Chain chain,
     System.Net.Security.SslPolicyErrors sslPolicyErrors)
    {
        // If the certificate is a valid, signed certificate, return true.
        if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
        {
            return true;
        }

        // If there are errors in the certificate chain, look at each error to determine the cause.
        if ((sslPolicyErrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0)
        {
            if (chain != null && chain.ChainStatus != null)
            {
                foreach (System.Security.Cryptography.X509Certificates.X509ChainStatus status in chain.ChainStatus)
                {
                    if ((certificate.Subject == certificate.Issuer) &&
                       (status.Status == System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot))
                    {
                        // Self-signed certificates with an untrusted root are valid. 
                        continue;
                    }
                    else
                    {
                        if (status.Status != System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError)
                        {
                            // If there are any other errors in the certificate chain, the certificate is invalid,
                            // so the method returns false.
                            return false;
                        }
                    }
                }
            }

            // When processing reaches this line, the only errors in the certificate chain are 
            // untrusted root errors for self-signed certificates. These certificates are valid
            // for default Exchange server installations, so return true.
            return true;
        }
        else
        {
            // In all other cases, return false.
            return false;
        }
    }

2) Creating an instance of the AesCryptoServiceProvider:

System.Security.Cryptography.AesCryptoServiceProvider b = new System.Security.Cryptography.AesCryptoServiceProvider();

If anyone can has a solution this the apparently pretty common problem, please don't hesitate to let me know, I only have so much hair...

kind regards, Aidal

Xamarin Android Web Service over HTTPS

Answers (1)

Related Questions