An error occurred while sending the request. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.

[tanishagarg-sf]

Describe the bug
A one liner of what the bug is.
Error: ---> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

VaultSharp Version
The version of VaultSharp package being used
VaultSharp.1.4.0.1

Vault Version
The version of Vault server being used

Does this work with Vault CLI?
Yes/No
Yes using curl commands

Any additional info
Helpful info

[konidev20]

Hey @tanishagarg-sf,

I see that the remote certificate validation is failing in the HTTP Client being used by the VaultSharp library. The error is The remote certificate is invalid according to the validation procedure.

This usually occurs when the server's certificate is not in the trust store of the client machine or if the server certificate is invalid.

Request you provide more information about the vault server setup:
2. Does it have a self-signed certificate or
3. Does it have a Global CA signed certificate with valid intermediate CA certs?

PS: I experienced the same issue when I did not have the Server CA or cert installed in the trust store of my client application host. I also experienced this issue when the certificate of the server had expired.

Thanks,
@konidev20

[tanishagarg-sf]

Hi @konidev20
I resolved this error by adding server CA root to Trust store.
Can you please help with below ?

After this, i am seeing this error, vaultsharp.core.vaultapiexception {"errors":["tls connection required"]}, if you want i can paste details here as well. Thanks!

[konidev20]

Hey @tanishagarg-sf,

It looks like a configuration issue. I will try to support you on StackOverflow.

Request @rajanadar to close this issue.

[tanishagarg-sf]

Sure @konidev20 Please help this second issue as well along, this one of my friend raised as i was not able to post. Thanks!

[konidev20]

Hey @tanishagarg-sf ,

Since your connection is going through a proxy. Have you checked if the connection between the proxy, I reckon the TLS connection is being terminated on the proxy. Ideally, from the proxy there must be another TLS connection to the Vault Server.

I couldn't answer on StackOverflow.