问题
I want to modify .Net's default ServerCertificateValidationCallback to validate as true some of my company's certificates, but keeping the default validation for other certificates.
I can't seem to do this since the default ServerCertificateValidationCallback value is null.
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) ||
defaultlCallback.Invoke(sender, certificate, chain, sslPolicyErrors) //How do I set defaultCallback?
;
Thank you
回答1:
From what I can tell in the reference source this is where the callback comes into play:
if (ServicePointManager.ServerCertificateValidationCallback != null)
{
useDefault = false;
return ServicePointManager.ServerCertValidationCallback.
Invoke(m_Request,
certificate,
chain,
sslPolicyErrors);
}
if (useDefault)
return sslPolicyErrors == SslPolicyErrors.None;
Which means that the validation has already been performed and to know whether it passes you just need to check the sslPolicyErrors argument. You would do this:
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) || (sslPolicyErrors == SslPolicyErrors.None);
来源:https://stackoverflow.com/questions/28679120/how-to-call-default-servercertificatevalidationcallback-inside-customized-valida