Bosch Smart Home API C# RestRequest Error “The request was aborted: Could not create SSL/TLS secure channel.”

0
votes

I'm trying to use RestSharp to call the local Bosch Smart Home API. The Documentation by Bosch shows how to use Postman to HTTP-Request the local API, wich all functions properly. I can even request a Device-List, after creating a self-signed Certificate and setting Postman up accordingly. So I tried to develop a simple C# Code to request the same list via RestSharp. 

static void RestGet()
        {
            System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            const String WEBSERVICE_URL = "https://10.20.1.41:8444/smarthome/devices";
            const string certificate_path = @"C:\Users\niko\Documents\certificates\certificate.pfx";
            const string certificate_pass = "....";
            const string systemPassword = "...."; //encrypted in BASE64
            string ua = "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0";

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.DefaultConnectionLimit = 9999;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;


            var client = new RestClient("https://10.20.1.41:8444/smarthome/devices");
            client.Timeout = 100000;
            X509Certificate2 cer = new X509Certificate2(certificate_path, certificate_pass);
            client.ClientCertificates = new X509CertificateCollection() { cer };
            var request = new RestRequest(Method.GET);
            request.AddHeader("Content-Type", "application/json");
            request.AddHeader("api-version", "1.0");
            request.AddHeader("Systempassword", systemPassword);
            IRestResponse response = client.Execute(request);
            Console.WriteLine(response.ErrorMessage);
            Console.WriteLine(response.Content);
            Console.ReadKey();
        }

For some reason the Server just sends the ErrorMessage "The request was aborted: Could not create SSL/TLS secure channel.". I've been trying to figure it out for the whole day, but since the API is pretty new, there isn't any info up about it yet.

1
c#sslcertificatehttprequestrestsharp
Us a sniffer like wireshark or fiddler and compare the first request from Postman with the c# request. Make the headers in c# look exactly like postment.jdweng
I tried that, but that doesn't seem to work either. Still gives me the same error. I'm beginning to think it's because of the certificate, wich I created with opensll, but it can't be the certificate itself, because I used it for the postman requests as well. I also tried to use a httpwebrequest instead of restsharp, but I got the same error with that.Niko T.
So the headers now match? Do you have extra header that may not be needed?There are two types of HTTP 1) 1.0 steam 2) 1.1 chunk. Which do you have? The response will have a status like 200 OK or a 400 or 500 failure. What is the status in the response? If you get 200 OK then maybe the response body is GZIP. HTTP uses TCP as the transport layer. The TLS verification is done in the TCP messages. The TCP when the connection terminates will have a [FIN]. So most likely the TLS is not verifying and closing the connection.jdweng
Well I don't get a ResponseCode at all, wich is exactly the problem.Niko T.
Curiosly: I just accidentaly left Fiddler open in the background while trying to debug my C# code further and it worked. I got the HTTP-Response I've been waiting for. Since the only difference Fiddler makes in the background is the certificate (you have to store an extra client certificate for fiddler to use), it HAS to be the way I load the certificate into my request in C#Niko T.

1 Answers

0
votes

So. Once I noticed that the request would actually succeed while Fiddler was open in the Background, I knew my error had to be how I load the certificate into my program (Because Fiddler uses a seperate certificate, that you have to provide). The first thing I did after noticing that, was copying the certificate I provided Fiddler into my project and loading that into the program. AND IT FINALLY WORKS! I can't tell you how that certificate was different from the other ones.