Exception: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel

c# web-services iis-6 firebase-notifications windows-server-2003-r2
Bhhruguni picture Bhhruguni · Jan 7, 2017 · Viewed 21.3k times · Source

for firebase notification code

WebRequest tRequest = WebRequest.Create("https://fcm.googleapis.com/fcm/send"); 
tRequest.Method = "post";
tRequest.ContentType = "application/json";
var data = new{collapse_key = "unassigned", to = deviceToken,data = new
  {body = message,title = title,sound = "default"}
};

message to pass for notifaction on mobile 

var serializer = new JavaScriptSerializer();
var json = serializer.Serialize(data);
Byte[] byteArray = Encoding.UTF8.GetBytes(json);
tRequest.Headers.Add(string.Format("Authorization: key={0}", applicationId));
tRequest.Headers.Add(string.Format("Sender: id={0}", senderId));
tRequest.ContentLength = byteArray.Length;

error occur here below code 

using (Stream dataStream = tRequest.GetRequestStream())
{ 
  dataStream.Write(byteArray, 0, byteArray.Length);
 using (WebResponse tResponse = tRequest.GetResponse())
  { 
    using (Stream dataStreamResponse = tResponse.GetResponseStream())
    { 

   //code 1
    }     
  }   
}

Answer

Pablo Recalde picture Pablo Recalde · Jan 7, 2017

The exception in the title says that you are connecting to an endpoint with TLS encryption, and the certificate exposed by that endpoint is not trusted by you. This means that is not signed with a certificate that you have in your CA (Certificate Authority) Store. Like a self-signed certificate.

If the certificate is self signed, you can add it to your CA Store. If not, you can try to navigate the endpoint with your browser, and look for a copy of the certificate that the endpoint is presenting, to manually trust it. (Beware that by doing this if the endpoint has been already compromised you're manually trusting its certificate.)

You can also avoid this check by adding a custom certificate validation handler that always returns valid! (true). But, please be aware that doing this will expose you to man-in-the-middle attacks, as you'll loose the ability to check the endpoints authenticity.

ServicePointManager
    .ServerCertificateValidationCallback += 
    (sender, cert, chain, sslPolicyErrors) => true;

Related questions

How can I create a new application pool in a Web Setup Project?

I need to deploy my web service. It needs to run in a separate application pool in IIS with its own credentials. Is it possible to do this by using a Web Setup Project in VS 2008? By default, I seem …

Read More
Cannot open database "test" requested by the login. The login failed. Login failed for user 'xyz\ASPNET'

I have created a web service which is saving some data into to db. But I am getting this error: Cannot open database "test" requested by the login. The login failed. Login failed for user 'xyz\ASPNET'. My connection string …

Read More
WCF Service Client: The content type text/html; charset=utf-8 of the response message does not match the content type of the binding

I've got a WCF Service running on my local IIS server. I've added it as a service reference to a C# Website Project and it adds fine and generates the proxy classes automatically. However, when I try and call any …

Read More