检查自签名证书（SSL，C＃） [英] Check self-signed certificate (SSL, C#)

问题描述

在我的桌面应用程序中，我使用HTTPS连接。证书是自签名的。
如何以编程方式检查 c＃中的自签名证书？

In my desktop application i use HTTPS connection. Certificate is SELF-signed. How I can check self-signed certificate in c# programatically?

我使ia回调ValidateRemoteCertificate：

i make i a callback "ValidateRemoteCertificate":

 ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate)

默认情况下，我的ValidateRemoteCertificate方法始终返回TRUE。
但我认为我需要检查此证书的有效或无效。
怎么检查？我必须在ValidateRemoteCertificate中查看什么？

By default, my "ValidateRemoteCertificate" method always return TRUE. But I think i need to check valid or invalid this certificate. How to check it? What i must to check in "ValidateRemoteCertificate"?

推荐答案

由于您已经实现了回调，因此您知道回调代理的签名

Since you already have implemented the callback you know the signature of the callback delegate

public delegate bool RemoteCertificateValidationCallback(
    Object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors)

如果我理解正确，客户端没有在他的商店安装证书，对吗？虽然我建议您按顺序获取基础架构并部署有效证书，但在您的情况下，您可以将证书的哈希/指纹与存储在应用程序中的值进行比较，以验证证书的有效性。

If I understand you correctly, the client does not have the certificate installed in his store, correct? Although I´d recommend getting your infrastructure in order and deploy a valid certificate, what you could do in your case, is to compare the hash/fingerprint for the certificate to values stored in your application to verify the validty of the certificate.

这篇关于检查自签名证书（SSL，C＃）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！