This project is read-only.
23
Vote

The remote certificate is invalid according to the validation procedure.

description

I hope this will help someone out there who is having the same issue we have.

This error happens when you verify the Recaptcha response from the request after you deploy your project (ours is ASP.NET MVC5) to a IIS server.

We spent a day trying to figure out why and finally, by looking into the Recaptcha source code, found out that the verifyUri is still pointing to http://api-verify.recaptcha.net/verify.

I know some people would say that is just an alias to the new uri http://www.google.com/recaptcha/api/verify, but it's not just that. If you register your site, get your private and private keys, and use your keys with the Recaptcha api, it looks like somehow the certificate stores the uri as google.com instead of recaptcha.net.

We have successfully fixed the issue by cloning the source code, changing all verifyUris that use recaptcha.net to google.com/recaptcha/api/verify, recompiling the project and referencing its dll in our project. That sucks because now our project has hard dependency with this custom dll.

Please either fix this issue or provide at least an option (in app settings?) to define the verifyUrl parameter instead of hardcoding it in the code. I have attached an image showing the error details and the fixes we did in the source code.

We love Recaptcha so much. This is an awesome project.

file attachments

comments

BarryIT99 wrote Aug 31, 2014 at 9:47 PM

I am having this same problem using Azure Web site.

wrote Sep 1, 2014 at 5:30 AM

wrote Sep 16, 2014 at 6:54 PM

wrote Sep 16, 2014 at 10:34 PM

wrote Sep 17, 2014 at 10:51 PM

BaxterWoofus wrote Sep 17, 2014 at 10:58 PM

I am having the same problem using this in an MVC 5 application.

klawry wrote Sep 23, 2014 at 4:31 PM

We're having exactly the same problem. Everything works perfectly without SSL, but once SSL is introduced it throws the same error: "The remote certificate is invalid according to the validation procedure." Please fix.

stevenaburton wrote Oct 10, 2014 at 5:31 PM

Same here.

wrote Oct 13, 2014 at 5:50 AM

wrote Oct 17, 2014 at 5:50 PM

nparadis wrote Oct 17, 2014 at 5:51 PM

I have the same problem as well.

wrote Oct 24, 2014 at 5:04 PM

wrote Oct 28, 2014 at 5:09 PM

rippo wrote Oct 28, 2014 at 5:10 PM

Me too, what is quick workaround?

davidliang2008 wrote Oct 28, 2014 at 5:51 PM

I stated the workaround in the description as well, starting with "We have successfully fixed the issue by .....".

wrote Nov 3, 2014 at 4:26 PM

wrote Nov 3, 2014 at 4:31 PM

wrote Nov 6, 2014 at 3:29 PM

oblancox wrote Nov 6, 2014 at 3:29 PM

I have the same problem.

wrote Nov 6, 2014 at 4:59 PM

kyle_peters wrote Nov 7, 2014 at 4:00 PM

I got bit by this today. I have the same concerns as davidliang2008 - customizing this source code sucks! (but I do thank him with the work-around.) I use Google reCaptcha with success on web forms and non-SSL pages. When is this issue going to be fixed in the project?

wrote Nov 12, 2014 at 5:35 PM

wrote Nov 18, 2014 at 4:41 PM

wrote Nov 28, 2014 at 3:20 PM

wrote Dec 9, 2014 at 7:26 PM

tparrish wrote Dec 31, 2014 at 7:08 PM

We had this same issue. Ended up having to fix it ourselves, which is incredibly annoying.

It was such an easy fix, I'm not sure what's taking so long.

Hopefully it gets patched soon.

GrantRoy wrote Jan 7, 2015 at 1:52 PM

Still a problem!

wrote Jan 20, 2015 at 9:42 PM

wrote Jan 27, 2015 at 9:41 PM

JoeyBradshaw wrote Mar 3, 2015 at 7:13 AM

Unfortunately like so many open source projects this one is dead. The owner is busy running his own business so there is no other option than to fix it manually. This thread shows more details. Maybe someone will clone it and put it on github with the fixes...

wrote Apr 9, 2015 at 6:43 AM

tanveery wrote Apr 19, 2015 at 10:25 AM

Thank you all for the comments. This is fixed.

The project has been moved to https://github.com/tanveery/recaptcha-net.