c# - Ignore SSL errors with signalR Core Client

Question

I'm making an application that involves a website on localhost as a user interface with Asp.net Core and SignalR Core.

My problem is that I get an authentication exception when starting the connection. I know this happens because I haven't ran dotnet dev-certs https --trust. But I can't expect an average user to run this command or have the dotnet SDK installed at all.

I've tried using

ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;

in my Startup.cs (and other places, but I understand that it's a global setting. in any case it was executed before the HubConnection) to no avail. I also tried setting a new HttpMessageHandlerFactory, but the documentation tells me that doesnt affect Websockets.

I don't believe this is a solution, because I can't use a different HttpClient (unless I'm mistaken)

As you can see, I'm not connecting to https at all:

connection = new HubConnectionBuilder().WithUrl("http://localhost:5000/MiniLyokoHub" ).Build();

So I don't see why it is even trying to get the certificate.

Here is the full error: https://pastebin.com/1ELbeWtc

How can I get around this issue? I don't need a certificate, since the user will be connecting to their own localhost. Or should I just not use websockets?

Answer 1

When connecting to HTTPS, to always verify the SSL certificate in SignalR Core client you should do this in HttpMessageHandlerFactory configs. Use HttpConnectionOptions in WithUrl method like this:

connection = new HubConnectionBuilder()
.WithUrl("https://localhost:443/MiniLyokoHub", (opts) =>
{
    opts.HttpMessageHandlerFactory = (message) =>
    {
        if (message is HttpClientHandler clientHandler)
            // always verify the SSL certificate
            clientHandler.ServerCertificateCustomValidationCallback +=
                (sender, certificate, chain, sslPolicyErrors) => { return true; };
        return message;
    };
})
.Build();