I'm Andrew Hoefling, and I work for FileOnQ as a Lead Software Engineer building mobile technologies for Government, Financial and First Responders using Xamarin. 

Xamarin
 

Xamarin.Forms Untrusted Certificate SSL Development Workaround

On my Xamarin.Forms project I am using an Untrusted Certificate (SSL) just for development on my local machine and with the development servers. This has caused several headaches and issues while trying to code around it on VPN. The latest issue that has popped up was exceptions being thrown regarding untrusted certificates when trying to access images off of the development server.

[0:] Image Loading: Error getting stream for http://dev.enviornment.com/sample/image.jpg: 
System.Net.WebException: Error: TrustFailure (The authentication or decryption has failed.) ---> 
System.IO.IOException: The authentication or decryption has failed. ---> 
System.IO.IOException: The authentication or decryption has failed. ---> 
Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010b

This exception can pop-up in multiple forms but the general idea remains the same:

  • Invalid Certificate
  • Untrusted Certificate
  • Trust Failure

Simple Fix

There is a simple solution to this and you can work around the problem to continue moving forward with your development with the Invalid Certificate. In your device specific projects you will need to add Certificate Validation code. In our example below we added code to the MainActivity in the Droid project.

New Line:

ServicePointManager.SErverCertificateValidationCallback += (o, cert, chain, errors) => true;

Entire Snippet:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
 
public class MainActivity : FormsApplicationActivity
{
    protected override void OnCreate(Bundle bundle)
    {
        base.OnCreate(bundle);
        Forms.Init(this, bundle);

        // I strongly recommend wrapping this in the compiler directive, because you should have a proper
        // certificate in a production environment.
#if DEBUG
        ServicePointManager.ServerCertificateValidationCallback += (o, certificate, chain, errors) => true;
#endif

        LoadApplication(new MkoFormsApplication());
    }
}

 

This workaround is just to unblock development and is not intended to go into production hence the compile directives #if DEBUG.

Share

Tags

DevelopmentInvalid CertificateSSLHTTPSUntrustedC#.NET