Bug 15391 - The authentication or decryption has failed
Summary: The authentication or decryption has failed
Status: RESOLVED INVALID
Alias: None
Product: Android
Classification: Xamarin
Component: BCL Class Libraries ()
Version: 4.8.x
Hardware: PC Mac OS
: --- normal
Target Milestone: ---
Assignee: Jonathan Pryor
URL:
Depends on:
Blocks:
 
Reported: 2013-10-14 16:06 UTC by Allie Miller
Modified: 2013-10-15 12:22 UTC (History)
2 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on Developer Community or GitHub with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED INVALID

Description Allie Miller 2013-10-14 16:06:20 UTC
Unable to connect to https REST services with the attached test project from Xamarin Studio 4.0.12 (build 3) on Windows from our Android app.

The error is following:

System.Net.WebException: Error writing request: The authentication or
decryption has failed.
at System.Net.WebConnectionStream.WriteHeaders () [0x00000] in <filename
unknown>:0
at System.Net.WebConnectionStream.SetHeaders (System.Byte[] buffer)
[0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.SendRequestHeaders (Boolean propagate_error)
[0x00000] in <filename unknown>:0

Normal http works well, also console app on Windows in Visual Studio (the
same source code) works well over https, but https on Android  doesn't work
and we must communicate over https.

Target framework is Android 4.0 (Ice Cream Sandwich).

Running in Debug mode, but we have INTERNET permission set
correctly for sure, because the application runs without any problem on
HTTP.

Issue still remains when attempting to implement the System.Net.ICertificatePolicy interface.

=== Xamarin Studio ===

Version 4.0.12 (build 3)
Installation UUID: bddb2509-4ee9-404b-bb96-ec8c596f1464
Runtime:
Microsoft .NET 4.0.30319.18052
GTK 2.24.20
GTK# (2.12.0.0)

=== Xamarin.Android ===

Version: 4.8.1 (Enterprise Edition)
Android SDK: C:\Users\XXXX\AppData\Local\Android\android-sdk
Supported Android versions:
2.1 (API level 7)
2.2 (API level 8)
2.3 (API level 10)
3.1 (API level 12)
4.0 (API level 14)
4.0.3 (API level 15)
4.2 (API level 17)
Java SDK: C:\Program Files (x86)\Java\jdk1.7.0_40
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Client VM (build 24.0-b56, mixed mode, sharing)

=== Build Information ===

Release ID: 400120003
593d7acb1cb78ceeeb482d5133cf1fe514467e39
Build date: 2013-08-07 18:31:48Z
Xamarin addins: 25a0858b281923e666b09259ad4746b774e0a873

=== Operating System ===

Windows 6.1.7601.65536 (64-bit)
Comment 3 Jonathan Pryor 2013-10-15 12:22:29 UTC
The reason it fails is that Android does not like your site's SSL certificate.

For example, when I view [REDACTED] on a Nexus 10 within Chrome on Android v4.3, I am presented with a page stating:

> The site's security certificate is not trusted!
> You attempted to reach [REDACTED], but the server presented a certificate issued by an entity that is not trusted by your computer's operating system...

By default, Xamarin.Android uses Android's certificate store to accept/reject SSL certificates. If Android's Browser or Chrome apps refuse to load an HTTPS url, so will Xamarin.Android.

There are two solutions:

1. Manually override the certificate check by using System.Net.ServicePointManager.ServerCertificateValidationCallback:

http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

2. Obtain an SSL certificate that Android will accept.