.net WebService, bypass ssl validation!

2019-02-07 07:24发布

站内问答 / 后端开发
1800 5 4

Well im working agains a webservice that has a certificate that is not 100% correctly setup the certificate is setup for the domain *.domain1.com and the api is located at soap.shop.domain1.com/SOAP now i cant connect to this webservice as i then get a WebException "Could Not establish trush relationship for the SSL/TLS secure channel. --> The remote certificate is invalid according to the validation procedure.

Now my question is there any way to bypass this check i use a normal Web Reference (2.0) not a Service Reference..

5条回答
欢心
2楼-- · 2019-02-07 07:28

Yes, you can use the following to have ASP.NET ignore the certificate warnings:

using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

namespace YourNamespace
    public class TrustAllCertificatePolicy : System.Net.ICertificatePolicy
    {
        public TrustAllCertificatePolicy() {}

        public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,WebRequest req, int problem)
        {
            return true;
        }
    }
}
查看更多
0人赞 添加讨论(0) 举报
Anthone
3楼-- · 2019-02-07 07:40

pick you flavor..

lambda expresions

            //Trust all certificates
            System.Net.ServicePointManager.ServerCertificateValidationCallback =
                ((sender, certificate, chain, sslPolicyErrors) => true);

            // trust sender (more secure)
            System.Net.ServicePointManager.ServerCertificateValidationCallback
                = ((sender, cert, chain, errors) => cert.Subject.Contains("YourServerName"));

or plain clode (better for testing)

            // validate cert
            // allows for validation of SSL conversations
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate);

    // callback used to validate the certificate in an SSL conversation
    private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors policyErrors)
    {
        bool result = false;
        if (cert.Subject.ToUpper().Contains("YourServerName"))
        {
            result = true;
        }

        return result;
    }
查看更多
0人赞 添加讨论(0) 举报
Deceive 欺骗
4楼-- · 2019-02-07 07:41

You need to handle the event that validates the certificate and just set it to always return true. See the following post for details:

http://8r13n.wordpress.com/2007/07/24/bypassing-certificate-validation-in-net/

查看更多
0人赞 添加讨论(0) 举报
祖国的老花朵
5楼-- · 2019-02-07 07:43

For those who can't determine where to start with this answer, it may not be obvious. The posters above are getting it right, but it wasn't apparent upfront on what to do with the given code.

Let's say you have a class somewhere that needs to call a web service with a certificate.

Here's my finished solution:

public class MyClass
{

    public  bool TrustAllCertificatesCallback(object sender, X509Certificate cert,
                                                X509Chain chain, SslPolicyErrors errors)
    {
        return true;
    }

    public string CallSomeWebService(string someParam)
    {
        try
        { 
            ServicePointManager.ServerCertificateValidationCallback = TrustAllCertificatesCallback;


            RemoteWebService ws = new RemoteWebService();

            //add the client cert to the web service call.
            ws.ClientCertificates.Add(GetMyCert());

            //call the web service
            string response = ws.SomeMethod(someParam);

            return response.ToString();
        }
        catch (Exception ex)
        {throw;}
    }

    public X509Certificate GetMyCert()
    {
        try
        {
            string certPath = @"C:\MyCerts\MyCert.cer";
            var cert = X509Certificate.CreateFromCertFile(certPath);
            return cert;
        }
        catch (Exception ex)
        {throw;}
    }
}
查看更多
0人赞 添加讨论(0) 举报
smile是对你的礼貌
6楼-- · 2019-02-07 07:52 
System.Net.ServicePointManager.ServerCertificateValidationCallback = _
   Function(a, b, c, d) True
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)