The forum post and JIRA ticket asked for pluggable HttpClientHandler’s, but there are some issues with going that route (there is header info that the server expects that is specific to CB and overall complexity of the change in the 2.X client). Instead we allow the ServerCertificateCustomValidationCallback to be overridden with custom logic for handling the SSL error returned.
Note that the issue causing the need for doing this is a .NET Core bug/issue on the particular platform (OS) they are running their code: “System.PlatformNotSupportedException: The handler does not support custom handling of certificates with this combination of libcurl (7.54.0) and its SSL backend (“SecureTransport”).” It’s not related to the Couchbase SDK specifically – any .NET CORE code using SSL will fail with the same execption on that OS.
Usage is like this:
#if NET45
|
private static bool OnCertificateValidation(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
|
#else
|
private static bool OnCertificateValidation(HttpRequestMessage request, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
|
#endif
|
{
|
return sslPolicyErrors == SslPolicyErrors.None;
|
}
|
var config = new ClientConfiguration
|
{
|
HttpServerCertificateValidationCallback = OnCertificateValidation
|
};
|
var cluster = new Cluster(config);
|
// open a bucket and use it
|
The forum post and JIRA ticket asked for pluggable HttpClientHandler’s, but there are some issues with going that route (there is header info that the server expects that is specific to CB and overall complexity of the change in the 2.X client). Instead we allow the ServerCertificateCustomValidationCallback to be overridden with custom logic for handling the SSL error returned.
Note that the issue causing the need for doing this is a .NET Core bug/issue on the particular platform (OS) they are running their code: “System.PlatformNotSupportedException: The handler does not support custom handling of certificates with this combination of libcurl (7.54.0) and its SSL backend (“SecureTransport”).” It’s not related to the Couchbase SDK specifically – any .NET CORE code using SSL will fail with the same execption on that OS.
Usage is like this:
#endif
{
}
{
HttpServerCertificateValidationCallback = OnCertificateValidation
};