如何调用默认ServerCertificateValidationCallback内定制验证? [英] How to call default ServerCertificateValidationCallback inside customized validation?
问题描述
我要修改.Net的默认值 ServerCertificateValidationCallback
以验证我公司的某些证书,但保留其他证书的默认验证。
I want to modify .Net's default ServerCertificateValidationCallback
to validate as true some of my company's certificates, but keeping the default validation for other certificates.
我不能这样做,因为默认的 ServerCertificateValidationCallback
值为null。
I can't seem to do this since the default ServerCertificateValidationCallback
value is null.
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) ||
defaultlCallback.Invoke(sender, certificate, chain, sslPolicyErrors) //How do I set defaultCallback?
;
谢谢
推荐答案
从我在参考中可以了解的内容来源这是回调发挥作用:
From what I can tell in the reference source this is where the callback comes into play:
if (ServicePointManager.ServerCertificateValidationCallback != null)
{
useDefault = false;
return ServicePointManager.ServerCertValidationCallback.
Invoke(m_Request,
certificate,
chain,
sslPolicyErrors);
}
if (useDefault)
return sslPolicyErrors == SslPolicyErrors.None;
这意味着验证已经执行,并且知道它是否通过你只需要检查 sslPolicyErrors
参数。您将这样做:
Which means that the validation has already been performed and to know whether it passes you just need to check the sslPolicyErrors
argument. You would do this:
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) || (sslPolicyErrors == SslPolicyErrors.None);
这篇关于如何调用默认ServerCertificateValidationCallback内定制验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!