Unable to call web data ("TlsException: The server stopped the handshake")

Any help is appreciated here, as this bug is breaking my game :frowning:


I’m trying to call a web JSON API to fill some text in my UI. I’m using the code below to get the raw JSON. Up until now it worked like a charm, but now it’s broken and throws a handshake error (“TlsException: The server stopped the handshake”). I did not recently make any changes to this script, and it had been working for a good while.


I believe this is an issue with Mono not trusting the certificate for this website, but after some extensive trial-and-error googling I’m still not exactly sure how to fix it. Please note that I copied and pasted the majority of this code from another question on the forums - I am not at all an expert on certificate validation.


Thank you in advance for your help :slight_smile:

	public static string webData;
	public Text myText;

	void Start () {
		ServicePointManager.ServerCertificateValidationCallback = MyRemoteCertificateValidationCallback;
		System.Net.WebClient wc = new System.Net.WebClient();
		byte[] raw = wc.DownloadData("https://opentdb.com/api.php?amount=1&type=multiple");
		webData = System.Text.Encoding.UTF8.GetString(raw);
	}

	public bool MyRemoteCertificateValidationCallback(System.Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
		bool isOk = true;
		// If there are errors in the certificate chain, look at each error to determine the cause.
		if (sslPolicyErrors != SslPolicyErrors.None) {
			for (int i=0; i<chain.ChainStatus.Length; i++) {
				if (chain.ChainStatus *.Status != X509ChainStatusFlags.RevocationStatusUnknown) {*
  •  			chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;*
    
  •  			chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;*
    
  •  			chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan (0, 1, 0);*
    
  •  			chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;*
    
  •  			bool chainIsValid = chain.Build ((X509Certificate2)certificate);*
    
  •  			if (!chainIsValid) {*
    
  •  				isOk = false;*
    
  •  			}*
    
  •  		}*
    
  •  	}*
    
  •  }*
    
  •  return isOk;*
    
  • }*
    }

Maybe try adding this before overriding the ServerCertificateValidationCallback

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;