在C#httpwebrequest中禁用主机名验证 [英] Disable hostname verification in c# httpwebrequest

问题描述

我正在c#环境中实现Web服务.我正在使用SSL连接.我的网址像这样:

I'm implementing web services in a c# environment. I'm using a SSL connection. My url is seomthing like:

https://pseudoservername:8443/services/...

但是证书期望它是:

https://ourcompany.services.public.com:8443/services/...

所以我的主机名不匹配.在Java中，您可以简单地通过创建自己的hostnameVerifier类并让JVM使用该主机名而不是普通主机名来关闭该主机名验证.这真的很有用，因为效果仅是本地的(仅对此应用程序禁用验证)和临时的(可以在应用程序需要时打开/关闭主机名验证).

So I got a hostname mismatch. In Java you can simply turn off this hostname verification by making your own hostnameVerifier class and letting the JVM use that one instead of the normal one. This is really useful because the effect are only local (only disable verification for this application) and temporary (hostnameverification can be turned on/off whenever the application wants to).

如何在c#中使用它?

我不希望忽略整个证书验证的解决方案.我也想保留当地的&禁用主机名验证的临时效果.我也不希望出于超出此问题范围的原因而更改我的网址(仅使它们匹配).

I do not want a solution where the entire certificate validation is ignored. I also want to preserve the local & temporary effects of disabling the hostnameverification. I do also not want change my url (to just make them match) for reasons beyond the scope of this question.

推荐答案

如果您使用的是WebRequest或类似的东西，则可以加入ServicePointManager.ServerCertificateValidationCallback 并将自定义验证方案添加为

If you are using WebRequests or something similiar, you can hook into the ServicePointManager.ServerCertificateValidationCallback and add a custom validation scenario as

ServicePointManager.ServerCertificateValidationCallback = delegate(
            Object obj, X509Certificate certificate, X509Chain chain, 
            SslPolicyErrors errors)
            {
                if (errors == SslPolicyErrors.RemoteCertificateNameMismatch)
                {
                  return (true);
                }
            };

请参见 MSDN 了解详情

这篇关于在C#httpwebrequest中禁用主机名验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！