VaultSharp icon indicating copy to clipboard operation
VaultSharp copied to clipboard

Published 20 hours ago verified publisher icon rajanadar

An error occurred while sending the request. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.

Open tanishagarg-sf opened this issue 2 years ago • 5 comments

Describe the bug A one liner of what the bug is. Error: ---> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

VaultSharp Version The version of VaultSharp package being used VaultSharp.1.4.0.1

Vault Version The version of Vault server being used

Does this work with Vault CLI? Yes/No Yes using curl commands

Any additional info Helpful info

tanishagarg-sf avatar Jul 04 '23 11:07 tanishagarg-sf

Hey @tanishagarg-sf,

I see that the remote certificate validation is failing in the HTTP Client being used by the VaultSharp library. The error is The remote certificate is invalid according to the validation procedure.

This usually occurs when the server's certificate is not in the trust store of the client machine or if the server certificate is invalid.

Request you provide more information about the vault server setup: 2. Does it have a self-signed certificate or 3. Does it have a Global CA signed certificate with valid intermediate CA certs?

PS: I experienced the same issue when I did not have the Server CA or cert installed in the trust store of my client application host. I also experienced this issue when the certificate of the server had expired.

Thanks, @konidev20

konidev20 avatar Jul 10 '23 18:07 konidev20

Hi @konidev20 I resolved this error by adding server CA root to Trust store. Can you please help with below ?

After this, i am seeing this error, vaultsharp.core.vaultapiexception {"errors":["tls connection required"]}, if you want i can paste details here as well. Thanks!

tanishagarg-sf avatar Jul 10 '23 18:07 tanishagarg-sf

Hey @tanishagarg-sf,

It looks like a configuration issue. I will try to support you on StackOverflow.

Request @rajanadar to close this issue.

konidev20 avatar Jul 10 '23 18:07 konidev20

Sure @konidev20 Please help this second issue as well along, this one of my friend raised as i was not able to post. Thanks!

tanishagarg-sf avatar Jul 10 '23 18:07 tanishagarg-sf

Hey @tanishagarg-sf ,

Since your connection is going through a proxy. Have you checked if the connection between the proxy, I reckon the TLS connection is being terminated on the proxy. Ideally, from the proxy there must be another TLS connection to the Vault Server.

I couldn't answer on StackOverflow.

konidev20 avatar Jul 14 '23 04:07 konidev20