如何忽略证书检查时,SSL [英] How to ignore the certificate check when ssl
问题描述
我试图找到一种方法来忽略证书检查时,要求HTTPS的资源,到目前为止,我发现网上一些有用的文章。
但我仍然有一些问题。请查看我的code。我只是不明白什么是code ServicePointManager.ServerCertificateValidationCallback 的意思。
当将这种委托方法被调用?还有一个问题,在这种地方,我应该写这篇code?之前 ServicePointManager.ServerCertificateValidationCallback 执行或之前流流= request.GetRequestStream()?
请帮帮我,谢谢。
公开的HttpWebRequest的GetRequest()
{
的CookieContainer的CookieContainer =新的CookieContainer(); //创建到服务器的请求
HttpWebRequest的要求=(HttpWebRequest的)WebRequest.Create(_remoteUrl); #区域设置请求参数 request.Method = _context.Request.HttpMethod;
request.UserAgent = _context.Request.UserAgent;
request.KeepAlive = TRUE;
request.CookieContainer =的CookieContainer;
要求preAuthenticate = TRUE。
request.AllowAutoRedirect = FALSE; #endregion //为POST,写从传入请求中提取的数据后
如果(request.Method ==POST)
{
流clientStream = _context.Request.InputStream;
request.ContentType = _context.Request.ContentType;
request.ContentLength = clientStream.Length; ServicePointManager.ServerCertificateValidationCallback =委托(
obj对象,X509证书证书,X509Chain链,
SslPolicyErrors错误)
{
返回(真);
}; 流流= request.GetRequestStream(); ....
} .... 返回请求;
}
}
由于只有一个全局<一个href=\"http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.aspx\">ServicePointManager,设置<一个href=\"http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx\">ServicePointManager.ServerCertificateValidationCallback将产生的所有后续请求将继承这一政策的结果。既然是一个全球性的设置这将是pfered设置它在的
设置回调覆盖缺省行为,你可以自己创建一个自定义的验证程序。
I am trying find a way to ignore the certificate check when request a Https resource, so far, I found some helpful article in internet.
But i still have some problem. Please review my code . I just don't understand what does the code ServicePointManager.ServerCertificateValidationCallback mean.
When will this delegate method be called? And one more question, in which place should i write this code? Before ServicePointManager.ServerCertificateValidationCallback execute or before Stream stream = request.GetRequestStream()?
Please help me, thanks.
public HttpWebRequest GetRequest()
{
CookieContainer cookieContainer = new CookieContainer();
// Create a request to the server
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(_remoteUrl);
#region Set request parameters
request.Method = _context.Request.HttpMethod;
request.UserAgent = _context.Request.UserAgent;
request.KeepAlive = true;
request.CookieContainer = cookieContainer;
request.PreAuthenticate = true;
request.AllowAutoRedirect = false;
#endregion
// For POST, write the post data extracted from the incoming request
if (request.Method == "POST")
{
Stream clientStream = _context.Request.InputStream;
request.ContentType = _context.Request.ContentType;
request.ContentLength = clientStream.Length;
ServicePointManager.ServerCertificateValidationCallback = delegate(
Object obj, X509Certificate certificate, X509Chain chain,
SslPolicyErrors errors)
{
return (true);
};
Stream stream = request.GetRequestStream();
....
}
....
return request;
}
}
Since there is only one global ServicePointManager, setting ServicePointManager.ServerCertificateValidationCallback will yield the result that all subsequent requests will inherit this policy. Since it is a global "setting" it would be prefered to set it in the Application_Start method in Global.asax.
Setting the callback overrides the default behaviour and you can yourself create a custom validation routine.
这篇关于如何忽略证书检查时,SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
