question

Upvotes
Accepted
Gang.Chen avatar image
5 0 1 1

TRTH REST API RequestToken issue

Hi Team,


Good day. Since customer in China mainland can't access hosted.datascopeapi.reuters.com, I suggest customer using IP 192.165.219.152 directly to request token. But customer got response "

SSLError(SSLCertVerificationError("hostname '192.165.219.152' doesn't match 'hosted.datascopeapi.reuters.com'")

"

Could you kindly pls advise what is the root cause and how to resolve it ? Many thanks

tick-history-rest-api
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

veerapath.rungruengrayubkul avatar image   veerapath.rungruengrayubkul

Hi @Gang.Chen,

Thank you for your participation in the forum. Is the reply below satisfactory in resolving your query?

If so please can you click the 'Accept' text next to the appropriate reply. This will guide all community members who have a similar question.

Thanks,

AHS

3 Answers

· Write an Answer
Upvotes
Accepted
veerapath.rungruengrayubkul avatar image
11.3k 25 9 14

Hi @Gang.Chen,

SSL Certificates can be limited to a specific domain or sub domain. Requesting to IP address instead of domain name could cause the SSL certification validation failure in the application.

To avoid the issue, the client can disable certificate validation on the function or library used for the request. For example in Python, please see this question.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Gang.Chen avatar image
5 0 1 1

Hi Veerapath,

Thanks for your reply about this. May I know how to disable certificate validation in C# demo example ? One of my customer facing this issue currently. Thanks again.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
veerapath.rungruengrayubkul avatar image
11.3k 25 9 14

Hi @Gang.Chen,

For .Net application, below is the sample code to ignore the certificate name mismatch error.

using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

...

private Uri dssUri = new Uri("https://192.165.219.152/RestApi/v1/");

public bool ValidateServerCertificate(
    object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors)
{
        if (sslPolicyErrors == SslPolicyErrors.None)
            return true;

        if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateNameMismatch)
        // ignore name mismatch err
            return true;

        Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
        // Do not allow this client to communicate with unauthenticated servers.
        return false;
}

public void ConnectToServer(string dssUserName, string dssUserPassword)
{
    System.Net.ServicePointManager.ServerCertificateValidationCallback = ValidateServerCertificate; 
    extractionsContext = new ExtractionsContext(dssUri, dssUserName, dssUserPassword);
}
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

veerapath.rungruengrayubkul avatar image veerapath.rungruengrayubkul

For the DSS GUI example, you can add this code in the MainWindow.xaml.cs file.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.