Certificate validation doesn't use proxy setti

2019-08-29 23:56发布

I've been struggling to get a WCF client to work through a web proxy. If I manually specify the proxy as below, I can get the http request to work.

WebProxy proxy = new WebProxy("http://x.x.x.x:3128", false);
proxy.Credentials = new NetworkCredential("user", "pass");
WebRequest.DefaultWebProxy = proxy;

However I have the client service proxy set to use ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.ChainTrust;

Inspecting the packets that get sent out, the client successfully connects to the server, but the then tries to validate the certificate that the service provides. This validation attempt fails because the requests for the chain do not have Proxy-Authorization headers (they fail with 407 errors). How can I get these requests to properly use the DefaultWebProxy that's specified?

If I set the validation mode to None, then it all works of course, but I really don't want to have to do that.

1条回答
爷的心禁止访问
2楼-- · 2019-08-30 00:54

this setting only affects message level certificates. for transport level try something like this http://webservices20.blogspot.co.il/2008/12/wcf-gotcha-disabling-ssl-validation.html

查看更多
登录 后发表回答