UploadAsync throwing certificate error: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch

I wrote a blazor .net app to upload a file to box through a jwt box app I created. I’m properly setting the uploaduri. I can run other commands but when it comes to uploading a file with UploadAsync, I get the errors:

‘The SSL connection could not be established, see inner exception.’
Inner: AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch

Has anyone seen this before and if so how to fix? Our support guy said this is more of a local setup issue and washed his hands of it. Hoping the community has seen this.

Hi @richinator38 , welcome to the forum!

We’ve seen this happening in a couple different situations:

  • The application is using a proxy between it’s host and upload.box.com, and something is incorrectly configured in the proxy.
  • POST requests are being made to the Box API end point /2.0/files/content using the incorrect url that is https://upload.box.com/api/2.0/files/content

These are the most common, however some hosts/proxy may have an old, deprecated, TLS version,
like 1.0, and 1.1.

The supported protocol and ciphers are:

Protocol Support

TLSv1.2
TLSv1.3

TLS ciphers supported by the server

TLSv1.2

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLSv1.3

TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256

Anyway if you, or your support, check the validity of the Box certificate using any online tool, for example digicert using the upload.box.com domain, you’ll see that our certificate is valid.

Let us know if this helps.
Best regards

I’m using the nuget package: GitHub - box/box-windows-sdk-v2: Windows SDK for v2 of the Box API. The SDK is built upon .NET Framework 4.5. So does that call api/2.0/files/content?

Hi @richinator38 ,

If you are using the SDK, it makes the call to the correct endpoint, so no worries there.

Sometimes developers don’t use the SDK or try to make POST request manually.

Is this talking about the app configured on developers/console or something else?

In the SDK you can customize the endpoints URL’s and have a proxy configuration

I take it that you’re not customizing this.

Another possibility is that your organization may be using some sort of transparent proxy and funneling all request through that.

At this point, I’m only speculating, and this is not helpful anymore. My suggestion would be for you to open a Box support ticket (login required), they will be able to diagnose your connection.

Let us know if support was able to identify the issue.

Best regards

I already opened a support ticket and they said basically we have to figure it out. I was hoping someone else ran across this. May just recommend we move on from box after this experience.

I actually am customizing the urls to our companies url. So I change the api and upload urls.

Hi,

Could you do a test with the original URL’s and see if you have the same issue?

Best regards

With the original URLs, I get a message saying “Specified method is not supported.”

Hi @richinator38

A POST to https://upload.box.com/api/2.0/files/content returns " Specified method not supported" ?

Are you sure you got the URL and the method correct?

That is odd…

curl --location 'https://upload.box.com/api/2.0/files/content?fields=id%2Ctype%2Cname' \
--header 'Content-Type: multipart/form-data' \
--header 'Authorization: Bearer dw...df' \
--form 'attributes="{
  \"name\": \"Document (PDF).docx\",
  \"parent\": {
    \"id\": \"253757099719\"
  }
}"' \
--form 'file=@"/Users/rbarbosa/Downloads/Document (PDF).docx"'
{
    "total_count": 1,
    "entries": [
        {
            "type": "file",
            "id": "1495787646432",
            "etag": "0",
            "name": "Document (PDF).docx"
        }
    ]
}

Works on my side.

I think at this point your best bet is to open a support ticket, a new one if you must.

In fact, I’ll open another one from this post.

Best regards