Skip to content

Question: Is it possible to bypass certificate validation in the WebRiskServiceClient? #15505

Description

@Eagle-Tim

I am using WebRiskServiceClient in package Google.Cloud.WebRisk.V1 in a dotnet application, and I trying to disable SSL validation due to having issues with certificates when using a Wiremock container.

This is my current code sample (I am using the RestGrpcAdapter because WireMock is much less hassle to use with http requests).

services.AddHttpClient<WebRiskServiceClient>()
	.ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler
	{
		ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true,
	});

services.AddWebRiskServiceClient((provider, builder) =>
{
	builder.GrpcAdapter = RestGrpcAdapter.Default;
	builder.Endpoint = "https://localhost:8443"; // Wiremock

	var options = provider.GetRequiredService<IOptions<GoogleCloudOptions>>().Value;
	builder.ApiKey = options.ApiKey;
});

However, I am not convinced it is picking up the HttpClient I have configured. When the WebServiceClient performs a call (SearchUris in this case) I get an exception raised "The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch, RemoteCertificateChainErrors."

What is the correct way to overrride the HttpClient here?

Metadata

Metadata

Assignees

No one assigned

    Labels

    priority: p3Desirable enhancement or fix. May not be included in next release.type: feature request‘Nice-to-have’ improvement, new feature or different behavior or design.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions