使用 HttpClient 检查服务器证书
Inspect server certificate using HttpClient
我正在 WinForms 中重写一些 Web 处理代码,并从 HttpWebRequest 切换到 HttpClient。我需要最后一件事,但我似乎不知道如何完成。
在 HttpWebRequest 中,我可以从我正在连接的 Web 服务器捕获证书并显示它:
...
HttpWebRequest request = CreateHttpRequest(destUri);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
cert = request.ServicePoint.Certificate;
if (cert != null)
{
cert2 = new X509Certificate2(cert);
X509Certificate2UI.DisplayCertificate(cert2);
}
...
我找不到使用 HttpClient 捕获证书的等效方法:
//... Use HttpClient.
using (HttpClient client = new HttpClient())
{
using (HttpResponseMessage response = await client.GetAsync(destUri))
{
using (HttpContent content = response.Content)
{
string result = await content.ReadAsStringAsync();
}
}
}
How/where 我可以在这里做吗?我不知道如何到达 ServicePoint.Certificate.
例如使用WebRequestHandler with a proper certificate validation callback. see HttpClient, HttpClientHandler, and WebRequestHandler Explained。
Bulding on Remus answer - 这是我在 LinqPad 中拼凑的东西,它确实可以让您访问您的证书:
var handler = new WebRequestHandler();
handler.UseDefaultCredentials = true;
handler.AllowPipelining = true;
handler.ServerCertificateValidationCallback = (sender, cert, chain, error) => {
//do something with cert here
cert.Subject.Dump();
//useless validation on my part
return true;
};
using (HttpClient client = new HttpClient(handler))
{
using (HttpResponseMessage response = await client.GetAsync("https://google.com"))
{
using (HttpContent content = response.Content)
{
//foo
}
}
}
Dump() 输出如下:
CN=*.google.com, O=Google Inc, L=Mountain View, S=California, C=US
CN=www.google.de, O=Google Inc, L=Mountain View, S=California, C=US
CN=www.google.com, O=Google Inc, L=Mountain View, S=California, C=US
显然,您不需要从 ServicePointManager.ServerCertificateValidationCallback 获取证书。您可以从 ServicepointManager 本身找到它,如下所示:
//... Use HttpClient.
using (HttpClient client = new HttpClient())
{
using (HttpResponseMessage response = await client.GetAsync(destUri))
{
// Get Certificate Here
var cert = ServicePointManager.FindServicePoint(destUri).Certificate;
//
using (HttpContent content = response.Content)
{
string result = await content.ReadAsStringAsync();
}
}
}
我正在 WinForms 中重写一些 Web 处理代码,并从 HttpWebRequest 切换到 HttpClient。我需要最后一件事,但我似乎不知道如何完成。
在 HttpWebRequest 中,我可以从我正在连接的 Web 服务器捕获证书并显示它:
...
HttpWebRequest request = CreateHttpRequest(destUri);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
cert = request.ServicePoint.Certificate;
if (cert != null)
{
cert2 = new X509Certificate2(cert);
X509Certificate2UI.DisplayCertificate(cert2);
}
...
我找不到使用 HttpClient 捕获证书的等效方法:
//... Use HttpClient.
using (HttpClient client = new HttpClient())
{
using (HttpResponseMessage response = await client.GetAsync(destUri))
{
using (HttpContent content = response.Content)
{
string result = await content.ReadAsStringAsync();
}
}
}
How/where 我可以在这里做吗?我不知道如何到达 ServicePoint.Certificate.
例如使用WebRequestHandler with a proper certificate validation callback. see HttpClient, HttpClientHandler, and WebRequestHandler Explained。
Bulding on Remus answer - 这是我在 LinqPad 中拼凑的东西,它确实可以让您访问您的证书:
var handler = new WebRequestHandler();
handler.UseDefaultCredentials = true;
handler.AllowPipelining = true;
handler.ServerCertificateValidationCallback = (sender, cert, chain, error) => {
//do something with cert here
cert.Subject.Dump();
//useless validation on my part
return true;
};
using (HttpClient client = new HttpClient(handler))
{
using (HttpResponseMessage response = await client.GetAsync("https://google.com"))
{
using (HttpContent content = response.Content)
{
//foo
}
}
}
Dump() 输出如下:
CN=*.google.com, O=Google Inc, L=Mountain View, S=California, C=US
CN=www.google.de, O=Google Inc, L=Mountain View, S=California, C=US
CN=www.google.com, O=Google Inc, L=Mountain View, S=California, C=US
显然,您不需要从 ServicePointManager.ServerCertificateValidationCallback 获取证书。您可以从 ServicepointManager 本身找到它,如下所示:
//... Use HttpClient.
using (HttpClient client = new HttpClient())
{
using (HttpResponseMessage response = await client.GetAsync(destUri))
{
// Get Certificate Here
var cert = ServicePointManager.FindServicePoint(destUri).Certificate;
//
using (HttpContent content = response.Content)
{
string result = await content.ReadAsStringAsync();
}
}
}