The remote certificate is invalid according to the validation procedure

The customer created a new test server. We installed Dynamics NAV2017 CU28.10.0.28682 version that connects to the existing test database.
We are using a webservice to send files to external party "HL". First we try to establish a connection by using HttpWebRequest with the HTTPS url of HL and with an Ocp-Apim-Subscription-Key in the header.
The connection failed with error ''The remote certificate is invalid according to the validation procedure".
When we do this with Postman, the connection is succesfully established.
So what is going wrong?

Best Answer

  • edwinschuttenedwinschutten Member Posts: 17
    Answer ✓
    We found the problem. When retrieving the certificate from the certificate authority, an URL of the revocation list was send back. This URL was different than the HTTPS URL.
    Dynamics tried to retrieve the revocation list by using this URL, but the firewall was blocking the URL. Therefore the revocation list could not be checked and the HTTPS channel was not created.

    A piece of the .Net debug information:

    System.Net Information: 0 : [2884] SecureChannel#24816868 - Remote certificate has errors:
    System.Net Information: 0 : [2884] SecureChannel#24816868 - The revocation function was unable to check revocation for the certificate.
    System.Net Information: 0 : [2884] SecureChannel#24816868 - The revocation function was unable to check revocation because the revocation server was offline.
    System.Net Information: 0 : [2884] SecureChannel#24816868 - Remote certificate was verified as invalid by the user.
    System.Net.Sockets Verbose: 0 : [2884] Entering Socket#34867337::Dispose()
    System.Net Error: 0 : [2884] Exception in HttpWebRequest#50053605:: - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel..
    System.Net Error: 0 : [2884] Exception in HttpWebRequest#50053605::GetResponse - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel..

Answers

  • frgustofrgusto Member Posts: 32
    Hi @edwinschutten !
    I am facing the same problem. Did you find any solution?
  • krikikriki Member, Moderator Posts: 9,112
    [Topic moved from 'General Chat' forum to 'NAV Three Tier' forum]

    Regards,Alain Krikilion
    No PM,please use the forum. || May the <SOLVED>-attribute be in your title!


  • edwinschuttenedwinschutten Member Posts: 17
    Answer ✓
    We found the problem. When retrieving the certificate from the certificate authority, an URL of the revocation list was send back. This URL was different than the HTTPS URL.
    Dynamics tried to retrieve the revocation list by using this URL, but the firewall was blocking the URL. Therefore the revocation list could not be checked and the HTTPS channel was not created.

    A piece of the .Net debug information:

    System.Net Information: 0 : [2884] SecureChannel#24816868 - Remote certificate has errors:
    System.Net Information: 0 : [2884] SecureChannel#24816868 - The revocation function was unable to check revocation for the certificate.
    System.Net Information: 0 : [2884] SecureChannel#24816868 - The revocation function was unable to check revocation because the revocation server was offline.
    System.Net Information: 0 : [2884] SecureChannel#24816868 - Remote certificate was verified as invalid by the user.
    System.Net.Sockets Verbose: 0 : [2884] Entering Socket#34867337::Dispose()
    System.Net Error: 0 : [2884] Exception in HttpWebRequest#50053605:: - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel..
    System.Net Error: 0 : [2884] Exception in HttpWebRequest#50053605::GetResponse - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel..
Sign In or Register to comment.