SSL error with http request

I’m trying to use Uipath in a development project. I’m trying to use Http Request from Uipath studio to make a REST call to our server. But I get error message " The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel".

Is there a way to install our certficate in Uipath Studio or turn off SSL verification?

Hi Mattias Gradin,

Did you get any resolution for this issue. Even i am also getting similar error when i tried to connect to some application through https.

Really appreciated if you would share some thought on this.

Thanks,
Surya

Yes I actually have! The problem was our certificate, it was configured incorrectly on our server, so we made a new certification and installed it on the client side. Then I could supply the login to our service with Basic Auth and get a 200 response from our server.

We use Websphere Application Server, it was IBM BPM that I was trying to connect to. Hope some of this information helps!

1 Like

I have the very same problem, also trying to call IBM BPM. Maybe you can add some details of how you fixed it?

  1. What was the problem with the original certificate?
  2. What did you do to correct that?
  3. How did you install the new certificate on the client?

Thanks, Jan

is there any update on this topic?

My robot is disconnected all the time.So i did a lot of research on the issue as to how resolve it.
I found this guide-

https://orchestrator.uipath.com/docs/using-a-certificate-for-the-https-protocol

ye the problem persists. I also want to know that if we need to create the domain certificate (as mentioned in the steps)on a remote desktop or on the same machine in which we are working.

is there any update on this topic?
Using postman I can turn off the check on a certificate but I don’t see the option in the HTTP activity. I am calling a web service outside our organization.

@edward.hulleman I am also having the same issue. Have you managed to resolve it ?

Check whether your URL has the same format as the certificate ‘Issued To’ field.

The solution for this problem can be quite simple.
Before first use of HTTP request add “Invoke Code” activity and put the following code:

    System.Net.ServicePointManager.ServerCertificateValidationCallback +=
    (sender, cert, chain, sslPolicyErrors) => true;

It is in C#, so port it into VB.NET if you prefer it.
Use this code only for dev/test cases. In prod if you still need to use self-signed SSL certificates then inside of callback add check for your certificate.
For example(brought it from stackoverflow):

ServicePointManager.ServerCertificateValidationCallback += 
    (sender, cert, chain, error) =>
{
    if (cert.GetCertHashString() == "xxxxxxxxxxxxxxxx") // !!! Change xxxxxxxxxxxxxxxx for your certificate hash
    {
        return true;
    }
    else
    {
       return error == SslPolicyErrors.None;
    }
};

Pay attention to the comment " Change xxxxxxxxxxxxxxxx for your certificate hash"

Reference: https://msdn.microsoft.com/en-us/library/system.net.security.remotecertificatevalidationcallback(v=vs.110).aspx

3 Likes

I found myself back here years later with the same problem, so for my own and others sake here is some other things to check.

  1. What was the problem with the original certificate?
    As I understood it we tried to generate our own cert in the WAS dir but that did not work. So we just used one we could get through a browser like Chrome or Firefox.

  2. What did you do to correct that?
    Used one from Google Chrome

  3. How did you install the new certificate on the client?
    On WAS, both Node and Cell. Also on Windows in the certificate store for local computer and current user.

Lastly, what solved it this time was to add the local server host adress to the Windows host file

1 Like

Does this issue have a solution? I am getting a status 0

Have you tried suggested approach?
It is worked fine in my case.
Taking into account that UI Path Robot is .net-based application you have three options to override issue with self-signed certificates.

  1. Import certificate into client machine into Trusted using microsoft management console snap-in.
  2. Use the code which I have provided. You may supply certificate hash from configuration file. I like this solution more, because it is not requiring preprovisioning clientmachines.
  3. (I haven’t tried this solution, but I think it should work) You may modify you Robot app.config file, see example https://stackoverflow.com/questions/34424652/c-sharp-ignore-certificate-errors-via-config-file . I have modified Robot app.config file to turn on extended logging so I suppose this approach would work also.
1 Like

hello guys, @edward.hulleman @stoune @Mattias_Gradin

have anyone got any solution on this, that how to turn off SSL in HTTP request activity.

Hi ,
If i place the above code in invoke code i get sender isn’t declared error.can someone help on this