如何在.NET中验证HTTPS/SSL证书的有效性? [英] How can you verify validity of an HTTPS/SSL certificate in .NET?

查看：271 发布时间：2020/11/25 18:54:08 c# .net ssl https

本文介绍了如何在.NET中验证HTTPS/SSL证书的有效性?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

如何在.NET中验证HTTPS/SSL证书的有效性?

理想情况下，我想与网站建立HTTPS连接，然后找出是否以有效方式(证书未过期，主机名匹配，证书链受信任等)完成，但是内置的HTTP客户端似乎忽略了证书错误(我不确定是否需要物理下载网页才能验证证书?).

我尝试使用下面的代码(改编自注释中的答案)，但从未调用ValidationCallback:

    static void Main(string[] args)
    {
        String url = "https://www.example.com";
        HttpWebRequest request = WebRequest.CreateHttp(url);
        request.GetResponse();
        request.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
        Console.WriteLine("End");
        Console.ReadKey();
    }

    private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors == SslPolicyErrors.None)
        {
            Console.WriteLine("Certificate OK");
            return true;
        }
        else
        {
            Console.WriteLine("Certificate ERROR");
            return false;
        }
    }

解决方案

之所以没有被调用，是因为您已经设置了ValidationCallback 之后已经发出了请求.

将其更改为此:

HttpWebRequest request = WebRequest.CreateHttp( url );
request.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
using( HttpWebResponse response = (HttpWebResponse)request.GetResponse() ) { }
Console.WriteLine("End");

...它将起作用.

How can you verify validity of an HTTPS/SSL certificate in .NET?

Ideally I want to establish an HTTPS connection to a website and then find out if that was done in a valid way (certificate not expired, host name matches, certificate chain trusted etc), but the built in HTTP Client seems to ignore certificate errors (and I'm not sure that physically downloading a web page is necessary to verify a certificate?).

I've tried to use the code below (adapted from an answer in the comments) but the ValidationCallback never gets called:

    static void Main(string[] args)
    {
        String url = "https://www.example.com";
        HttpWebRequest request = WebRequest.CreateHttp(url);
        request.GetResponse();
        request.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
        Console.WriteLine("End");
        Console.ReadKey();
    }

    private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors == SslPolicyErrors.None)
        {
            Console.WriteLine("Certificate OK");
            return true;
        }
        else
        {
            Console.WriteLine("Certificate ERROR");
            return false;
        }
    }

解决方案

It doesn't get called because you're setting the ValidationCallback after you've already made the request.

Change it to this:

HttpWebRequest request = WebRequest.CreateHttp( url );
request.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
using( HttpWebResponse response = (HttpWebResponse)request.GetResponse() ) { }
Console.WriteLine("End");

...and it will work.

这篇关于如何在.NET中验证HTTPS/SSL证书的有效性?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

如何在.NET中验证HTTPS/SSL证书的有效性? [英] How can you verify validity of an HTTPS/SSL certificate in .NET?

问题描述

相关文章

C#/.NET最新文章

热门教程

热门工具

登录关闭

如何在.NET中验证HTTPS/SSL证书的有效性? [英] How can you verify validity of an HTTPS/SSL certificate in .NET?

问题描述

相关文章

C#/.NET最新文章

热门教程

热门工具

登录 关闭

登录关闭