Configure HTTPS, TLS certificate validation, and custom CA certificates for the Alibaba Cloud SDK V1.0 for .NET to secure your API calls and manage connections in specific network environments.
Understand the V1.0 SDK defaults
The V1.0 SDK has different defaults than V2.0 SDKs:
-
Default protocol is HTTP: Unlike V2.0 SDKs, the V1.0 SDK defaults to HTTP. You must explicitly enable HTTPS for each request.
-
Certificate validation is on by default: When you enable HTTPS, the SDK automatically validates the server's TLS certificate.
Set the request protocol
The SDK defaults to HTTP, so you must enable HTTPS on each request to encrypt data in transit.
request.Protocol(ProtocolType.HTTPS);
Disable TLS certificate validation
The SDK validates TLS certificates for all HTTPS requests by default. In non-production environments, such as when you use a proxy with a self-signed certificate, you may need to temporarily disable this validation.
Disabling certificate validation is a security risk. Only use this option for testing in trusted environments. Never disable certificate validation in production code.
// Disable certificate validation at the client level.
client.SetHttpsInsecure(true);
// Disable certificate validation at the request level.
request.SetHttpsInsecure(true);