绕过 DotNet 核心服务堆栈上的 SSL 证书验证 [英] Bypassing SSL Certificate Validation on DotNet Core Service Stack
问题描述
我知道 ServicePointManager.ServerCertificateValidationCallback
不再存在于 .Net Core 中,而是替换为:
I know that ServicePointManager.ServerCertificateValidationCallback
no longer exists in .Net Core and is instead replaced with:
using(var handler = new System.Net.Http.HttpClientHandler())
{
using (var httpClient = new System.Net.Http.HttpClient(handler))
{
handler.ServerCertificateCustomValidationCallback = (request, cert, chain, errors) =>
{
return true;
};
}
}
然而,我们目前使用的是 ServiceStack.Core
库,据我所知,它既没有公开这样的属性,也没有公开处理程序本身.
However we are currently using the ServiceStack.Core
library which, as far as I can see, does not expose either a property like this or the handler itself.
如何告诉 ServiceStack 客户端绕过此代码中的 ssl 验证?
How would I tell a ServiceStack client to bypass ssl validation in this code?
using(var client = new JsonServiceClient("https://www.google.com"))
{
var response = client.Get("/results");
}
如果有办法,这在 Windows 和 Linux 上的工作方式是否相同?
If there is a way, would this work the same on both Windows and Linux?
推荐答案
JsonServiceClient
建立在 .NET HttpWebRequest
之上,它已在 .NET Core 中重写为 HttpClient
并且您可以在其中注入自己的 HttpClientHandler
:
JsonServiceClient
is built on .NET HttpWebRequest
which has been rewritten in .NET Core as a wrapper over HttpClient so we'd generally recommend for .NET Core to avoid this overhead (which is much slower than .NET 4.5) and switch to using JsonHttpClient in ServiceStack.HttpClient instead as it uses HttpClient
directly and where you can inject your own HttpClientHandler
with:
var client = new JsonHttpClient(baseUrl)
{
HttpMessageHandler = new HttpClientHandler
{
UseCookies = true,
AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate,
ServerCertificateCustomValidationCallback = (req,cert,chain,errors) => true
}
};
请注意,建议重用 HttpClient 实例,因此您应该尝试尽可能重用 HttpClient 实例并避免处置它们.
Note it's recommended to reuse HttpClient instances so you should try to reuse HttpClient instances when possible and avoid disposing them.
这篇关于绕过 DotNet 核心服务堆栈上的 SSL 证书验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!