如何在自定义验证中调用默认 ServerCertificateValidationCallback?
How to call default ServerCertificateValidationCallback inside customized validation?
我想修改 .Net 的默认设置 ServerCertificateValidationCallback
以将我公司的某些证书验证为真,但保留对其他证书的默认验证。
我似乎无法执行此操作,因为默认 ServerCertificateValidationCallback
值为空。
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) ||
defaultlCallback.Invoke(sender, certificate, chain, sslPolicyErrors) //How do I set defaultCallback?
;
谢谢
根据我在 reference source 中的了解,这就是回调发挥作用的地方:
if (ServicePointManager.ServerCertificateValidationCallback != null)
{
useDefault = false;
return ServicePointManager.ServerCertValidationCallback.
Invoke(m_Request,
certificate,
chain,
sslPolicyErrors);
}
if (useDefault)
return sslPolicyErrors == SslPolicyErrors.None;
这意味着验证已经执行,要知道它是否通过,您只需要检查 sslPolicyErrors
参数即可。你会这样做:
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) || (sslPolicyErrors == SslPolicyErrors.None);
我想修改 .Net 的默认设置 ServerCertificateValidationCallback
以将我公司的某些证书验证为真,但保留对其他证书的默认验证。
我似乎无法执行此操作,因为默认 ServerCertificateValidationCallback
值为空。
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) ||
defaultlCallback.Invoke(sender, certificate, chain, sslPolicyErrors) //How do I set defaultCallback?
;
谢谢
根据我在 reference source 中的了解,这就是回调发挥作用的地方:
if (ServicePointManager.ServerCertificateValidationCallback != null)
{
useDefault = false;
return ServicePointManager.ServerCertValidationCallback.
Invoke(m_Request,
certificate,
chain,
sslPolicyErrors);
}
if (useDefault)
return sslPolicyErrors == SslPolicyErrors.None;
这意味着验证已经执行,要知道它是否通过,您只需要检查 sslPolicyErrors
参数即可。你会这样做:
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) || (sslPolicyErrors == SslPolicyErrors.None);