ssl时如何忽略证书检查 [英] How to ignore the certificate check when ssl

问题描述

我正在尝试找到一种在请求 Https 资源时忽略证书检查的方法，到目前为止，我在互联网上找到了一些有用的文章.

I am trying find a way to ignore the certificate check when request a Https resource, so far, I found some helpful article in internet.

但是我还是有一些问题.请检查我的代码.我只是不明白代码 ServicePointManager.ServerCertificateValidationCallback 是什么意思.

But I still have some problem. Please review my code. I just don't understand what does the code ServicePointManager.ServerCertificateValidationCallback mean.

这个委托方法什么时候被调用?还有一个问题，我应该在哪个地方写这段代码?ServicePointManager.ServerCertificateValidationCallback 执行之前还是 Stream stream = request.GetRequestStream() 之前?

When will this delegate method be called? And one more question, in which place should I write this code? Before ServicePointManager.ServerCertificateValidationCallback execute or before Stream stream = request.GetRequestStream()?

public HttpWebRequest GetRequest()
{
    CookieContainer cookieContainer = new CookieContainer();

    // Create a request to the server
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(_remoteUrl);

    #region Set request parameters

    request.Method = _context.Request.HttpMethod;
    request.UserAgent = _context.Request.UserAgent;
    request.KeepAlive = true;
    request.CookieContainer = cookieContainer;
    request.PreAuthenticate = true;
    request.AllowAutoRedirect = false;

    #endregion

    // For POST, write the post data extracted from the incoming request
    if (request.Method == "POST")
    {
        Stream clientStream = _context.Request.InputStream;
        request.ContentType = _context.Request.ContentType;
        request.ContentLength = clientStream.Length;

        ServicePointManager.ServerCertificateValidationCallback = delegate(
            Object obj, X509Certificate certificate, X509Chain chain, 
            SslPolicyErrors errors)
            {
                return (true);
            };

            Stream stream = request.GetRequestStream();

            ....
        }

        ....

        return request;
    }
}   

推荐答案

因为只有一个全局 ServicePointManager，设置 ServicePointManager.ServerCertificateValidationCallback 将产生的结果是所有后续请求都将继承此策略.由于它是全局设置"，因此最好在 Application_Start 中设置它 Global.asax中的方法.

Since there is only one global ServicePointManager, setting ServicePointManager.ServerCertificateValidationCallback will yield the result that all subsequent requests will inherit this policy. Since it is a global "setting" it would be prefered to set it in the Application_Start method in Global.asax.

设置回调会覆盖默认行为，您可以自己创建自定义验证例程.

Setting the callback overrides the default behaviour and you can yourself create a custom validation routine.

这篇关于ssl时如何忽略证书检查的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！