I have a problem requesting HTTPS service over the internet on some client, when I try to do it the exception is thrown that "The ServicePointManager doesn't support proxies with the https scheme". On some clients my code works fine, but on some it fails with the exception. I think customers for whom the code works fine have http proxy, and https traffic comes through the http proxy, which is perfectly fine.
This function creates a new request:
var req = (HttpWebRequest)WebRequest.Create(url);
// This thing is needed to get default proxy
// and user credentials written in iexplore
var proxy = req.Proxy;
if(proxy != null) {
var puri = proxy.GetProxy(req.RequestUri);
var prox = new WebProxy(puri.ToString());
prox.Credentials = CredentialCache.DefaultCredentials;
req.UseDefaultCredentials = true;
req.Proxy = prox;
}
// Setting up custom cookies and UA
req.CookieContainer = Config.Cookies;
req.UserAgent = Config.UserAgent;
This is how I'm accepting all certificates:
ServicePointManager.ServerCertificateValidationCallback =
(sender, cert, chain, sslpolicy) => true;
It seems that ServicePointManager doesn't infact support working with proxies over https. How can I fix this issue? What if I somehow make the https WebRequest go through the http proxy instead of https, will this work, if so how can I do it?
Yes, you are right, It seems like The ServicePointManager does not support proxies of the https scheme.
If you change the scheme from HTTPS to HTTP it will work fine.
It's only an initial request between the client and proxy that is not secure or over SSL. The traffic tunneled through the proxy is encrypted or no depending on the server.
If you are trying to access any SSL server through the HTTP proxy, the traffic is still encrypted.
Let say if you are trying to access the HTTP server through HTTPS proxy still, the traffic is not encrypted.
Related
I'm trying to connect to a website using WebRequest and a proxy that has basic Authorization. When connecting to a http site works fine but if I try to connect to a https site get 401 error, looking at network monitor when I try to connect to a https site, don't know why the Authorization header its not present.
Already tried add NetworkCredentials at both proxy and WebRequest no luck either.
IWebProxy proxy = new WebProxy("http://proxyaddress:port");
HttpWebRequest conn = (HttpWebRequest)WebRequest.Create(WEBSERVICE_URL);
conn.Method = "GET";
String encoded = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes("username:password"));
conn.Headers.Add("Authorization", "Basic " + encoded);
conn.PreAuthenticate = true;
conn.Proxy = proxy;
conn.GetResponse();
I had this issue recently where our company proxy stripped Basic auth headers (since it is not secure) when making an external API request to prevent leakage, the only way around this was to order a developer proxy for that URL so that there where no authentications or interceptions. If you have access to the proxy try to configure it to allow Basic auth.
I'm looking for the way to provide credentials (grammatically) for HTTP proxy that should be used to connect to service (Security Token Service), the proxy credentials differ from the credentials for the service.
I saw several posts here (it took me back to 2006-8) and the solution was by changing the default proxy
WebProxy proxy = new WebProxy("http://myproxyserver",true);
proxy.Credentials = new NetworkCredential("username", "password");
WebRequest.DefaultWebProxy = proxy;
I think it is risky to change the global setting for all WebRequests from my assembly that performs a dedicated task.
I'm wondering if in .NET 4.5 there is a better solution for this case.
Similar questions:
WCF Custom Http Proxy Authentication
How can I set an HTTP Proxy (WebProxy) on a WCF client-side Service proxy?
Don't set default proxy, set proxy object with desired credentials per request
I'm trying to get some resources from the website using simple HttpClient and HttpClientHandler classes. When i use Http, it works well but in case of Https it doesn't work. The following code is my settings:
var url="https://www.someurl.com";
var proxy = new WebProxy("127.0.0.1", 8888);
WebRequest.DefaultWebProxy = proxy;
htmlHandler = new HttpClientHandler();
htmlHandler.UseProxy = true;
htmlHandler.Proxy = proxy;
I also changed settings of .exe.config file and it didn't worked. I should note that just one entry in fiddler was shown:
Is the Tunnel line in the picture you included a reference to the site to which the .NET client is trying to send traffic? Or is it unrelated? (What is the Process column?)
What do you see on the LOG tab when traffic is sent to Fiddler?
The most likely explanation is that the Fiddler Root Certificate is not trusted by the account in which the .NET client application runs. Fiddler allows you to trust the Fiddler Root certificate on a machine-wide basis which will resolve such issues.
I am trying to access service bus via a squid3 webproxy with Basic authentication enabled in the proxy using C#
i am using below code to set the web proxy
webproxy webproxy = new webproxy("http://weproxyuri:port", false);
webproxy.credentials = new networkcredential("username", "password","domain");
WebRequest.DefaultWebProxy = webProxy
i am using below code to access service bus
MessagingFactory messagingFactory = MessagingFactory.CreateFromConnectionString(connectionstring);
QueueClient queueSendClient = messagingFactory.CreateQueueClient(queuename);
var bm1 = queueSendClient.Peek();
access of service bus is failing with error - The X.509 certificate CN=servicebus.windows.net is not in the trusted people store
in the proxy log i am seeing 1454679317.842 0 10.168.84.150 TCP_DENIED/407 4046 GET http://www.microsoft.com/pki/mscorp/msitwww2.crt - HIER_NONE/- text/html
in the network traces i am seeing host trying to connect to http://www.microsoft.com/pki/mscorp/msitwww2.crt first it is trying to connect with out authentication then proxy is saying HTTP/1.1 407 Proxy Authentication required as a response to the request for this ideally host should resend the request with Proxy-Authorization Header which contains username and password but i am seeing a weird behavior where host is not send the Proxy-Authorization Header in the second time
any registry key needs to be set ?
i am using windows core 2012 R2 as host
this issue is fixed in 3.0.50496.1 or higher version of Microsoft.ServiceBus.dll
Following the idea about using a WebProxy to make an http request to a server by IP address as demonstrated in the following answers :
Request Web Page in c# spoofing the Host
Http Request - Bypass DNS [.Net]
I'm trying to achive the same goal with an HTTPS request. I would like to still use an HttpWebRequest object in order to let the system automatically manage the certificate validation.
Unfortunately, this is not working and I get a System.Net.WebException with WebExceptionStatus.Timeout status.
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(
"https://www.mywebiste.net/"
);
System.Net.WebProxy proxy = new WebProxy(
"192.168.3.14"
, 443 // HTTPS
);
request.Proxy = proxy;
WebResponse response = request.GetResponse()
Any Help appreciated.
TIA.
Try setting BYPassOnLocal as false.
http://msdn.microsoft.com/en-us/library/234s6ee9.aspx