Are there differences to consider? http and https with - HttpClient

Markus Freitag 3,786 Reputation points
2022-04-01T10:40:33.297+00:00

Hello,

Are there differences to consider? http and https with - HttpClient

c-only-http-and-https-schemes-are-allowed-httpclie.html

I will come back to my question again.

According to the customer, the application works with http.,
but not with https

Is it because of the server or can I change something in C#?
If so what? 

 using (HttpClient client = new HttpClient())  
 {  
      
  client.BaseAddress = new Uri(CFG.Baseaddress);   
  client.Timeout = new TimeSpan(0, 0, CFG.Timeout);  
      
  string authorization = $"{CFG.Username}:{CFG.Password}";  
      
  client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.ASCII.GetBytes(authorization)));  
  urlParameters = CFG.UrlGetOrderData.Replace("{orderId}", orderId);  
  response = client.GetAsync(urlParameters).Result;     ///######
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,272 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,278 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Albert Kallal 4,651 Reputation points
    2022-04-02T17:35:38.557+00:00

    Was https ever setup?
    Did you add + install a security certificate?

    I as a general rule will develop on my desktop - no https enabled.

    One BIG reason? To setup and install a security certificate for https, then you need (in most cases) a public facing site, which of course I don't have while working and developing on my developer computer.

    So, I tend to not worry, and in the past I can't think of anything that broke, or did not work.

    Remember, setting up logons and that security is NOT related to that of setting up the web site to run as http, or https. They are two different goals, and concepts.

    so, in 99% of cases? You can freely work and develop without https. In fact, given that Visual Studio defaults and uses IIE express editon? Then you don't have the typical IIS setup and GUI setup stuff. So, you "can" try and attempt to get https working during development, but I just don't bother. And as noted, I can't really think of any code - even JavaScript stuff that required changes.

    So, your published site will not by magic just start using https, and you have to setup + configure https in IIS for this to work.

    So, it is assumed that you turned on in IIS for the site to use https, you have to in most case add a new binding, and then of course purchase + install a security certificate. Or you can consider using a free certificate, and they can save you say $100 per year on hosting. (often some hosting providers will offer a low cost security certificate as part of their monthly hosting package). If you running your own server say on site, then yes, you need to buy or get a security certificate.

    How to setup this up is certainly beyond the scope of this Q & A forum, but for the past while?

    Lets Encrypt (run by the Linux foundation) offers a really nice free https certificate - and one that plays nice, and works well with asp.net. You do have to re-new every 3 months - but even that process can be automated. and they even have some step by step for asp.net, and even setup scripts that work rather nice for asp.net, and IIS. And as noted, they are free. Prior to this discovery, I was buying and paying for my security certificates from Go Daddy (and was not using their hosting plans). That was a few years ago, and I was paying $110 per year (Canadian). I not looked as of recent, since as noted I now use free ones .

    Anyway, to make a long story short, you should not have to care, or worry during development. And if https is not working after you publish, then this means that IIS not been setup correctly - but you doing that from IIS, and not really from your Visual Studio project, nor do you have to care or worry about https during your development process (at least in 99% of the time).

    1 person found this answer helpful.
  2. AgaveJoe 26,136 Reputation points
    2022-04-04T15:53:43.28+00:00

    Usually when the error starts with "One or more errors occurs", there's more to the error message including a stack trace. Get the entire error message.

    In code I can not do anything, right? The customer has to do that?

    It's strange that you have no idea how your code works and you think this community has the application specifications and the source code. For the third time, the first step is to get the error message. You should be able to determine the next troubleshooting steps if you have the error message.

    1 person found this answer helpful.
    0 comments
  3. Andriy Bezkorovayny 6 Reputation points
    2022-04-03T16:45:18.553+00:00

    @Markus Freitag do you have the exact error message?
    The phrase "does not work with HTTPS" tells us nothing. there are not enough details for investigation.
    Please send the error log.