0

I have to ASP.NET applications: one is a Web API and the other a MVC that makes requests to the first.

Everthing works in development (VS with IIS Express) but now I publish both applications to a production server and I can´t have access to the api using the MVC app.

I have CORS enabled on the API:

var cors = new EnableCorsAttribute("*", "*", "*");
config.EnableCors(cors);

On the MVC app, my api base url is set to https://localhost:44351/ and then in the IIS I have this bindings (WEB Api site):

bindings

I can make requests to the API with postman but when I run the my MVC app, I can´t make requests (and again, I could make them in development).

Thank you.

EDIT

Controller code example (MVC):

        try
        {
            var client = WebApiHttpClient.GetClient();

            var response = await client.PostAsync("Token", content);
            if (response.IsSuccessStatusCode)
            {
                TokenResponse tokenResponse =
                await response.Content.ReadAsAsync<TokenResponse>();

                WebApiHttpClient.storeToken(tokenResponse);
                return RedirectToAction("Index", "Home");
            }
            else
            {
                return Content("response.StatusCode);
            }
        }
        catch
        {
            return Content("Error");
        }

My HttpClient implementation:

    public const string WebApiBaseAddress = "https://localhost:44351/";

    public static HttpClient GetClient()
    {
        HttpClient client = new HttpClient();
        client.BaseAddress = new Uri(WebApiBaseAddress);
        client.DefaultRequestHeaders.Accept.Clear();
        client.DefaultRequestHeaders.Accept.Add(new
        MediaTypeWithQualityHeaderValue("application/json"));
        return client;
    }

EDIT 2

InnerException message:

the underlying connection was closed could not establish trust relationship for the ssl/tls
Improve this question
21
  • What do you mean by "can't make requests"? What kind of response do you get? Commented Dec 13, 2016 at 19:14
  • how are you making the request? by host name or localhost Commented Dec 13, 2016 at 19:15
  • See edit please Commented Dec 13, 2016 at 19:18
  • 3
    And also you don't need to enable CORS because you are making request from the same domain. Commented Dec 13, 2016 at 19:28
  • 4
    There is an issue with SSL certificate. Please see this post: stackoverflow.com/questions/703272/… Commented Dec 13, 2016 at 20:02

1 Answer 1

Reset to default
2

Just to summarize the discussion in the comments. The problem was due to use of self-signed certificate in IIS for Web API application.

Temporary solution for this problem is to add this line of code in application startup class (Global.asax):

ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);

Of course you should not use that line of code in production. In production environment you should have a valid SSL certificate.

More information can be found in this post: Could not establish trust relationship for SSL/TLS secure channel -- SOAP

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.