obtain ssl certificate information - .net

2019-04-06 22:56发布

站内问答 / C#
1557 3 6

i am looking to get the data from any given domain names SSL certificate. For example I want to put in any website address e.g. "http://stackoverflow.com" and my code would firstly check if an SSL certificate exists. If it does then I want it to pull out the expiry date of the certificate. [ i am reading Domainnames from DB ] Example :http://www.digicert.com/help/

i need to create a web service to check expiry date. how can i implement it?? - I have looked up loads of different things such as RequestCertificateValidationCallback and ClientCertificates etc. Since i am new to this, i am not sure what has to be done.

I could be completely wrong (hence why I need help) but would I create a HTTPWebRequest and then somehow request the client certificate and specific elements that way?

i tried the example provided @SSL certificate pre-fetch .NET , but i am getting forbitten 403 error.

Any help would be much appreciated - Thank you.

This is the code i have written which is throwing 403 forbidden error.

        Uri u = new Uri("http://services.efi.com/");
        ServicePoint sp = ServicePointManager.FindServicePoint(u);

        string groupName = Guid.NewGuid().ToString();
        HttpWebRequest req = HttpWebRequest.Create(u) as HttpWebRequest;
        req.Accept = "*/*";
        req.ConnectionGroupName = groupName;

        using (WebResponse resp = req.GetResponse())
        {
            // Ignore response, and close the response.
        }
        sp.CloseConnectionGroup(groupName);

        // Implement favourite null check pattern here on sp.Certificate
        string expiryDate = sp.Certificate.GetExpirationDateString();

        string str = expiryDate;

3条回答
迷人小祖宗
2楼-- · 2019-04-06 23:28

This works fine:

namespace ConsoleApplication1
{
  using System;
  using System.Net;
  using System.Net.Security;
  using System.Security.Cryptography.X509Certificates;

  class Program
  {
    static void Main()
    {
      ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;

      var request = WebRequest.Create("https://www.google.com");

      var response = request.GetResponse();

      Console.WriteLine("Done.");
      Console.ReadLine();

    }

    private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
      Console.WriteLine("Certificate expires on " + certificate.GetExpirationDateString());

      return true;
    }
  }
}
查看更多
0人赞 添加讨论(0) 举报
孤傲高冷的网名
3楼-- · 2019-04-06 23:46

If you need to download the certificate: 

            //Do webrequest to get info on secure site
        var certName = "FileName";
        var url = "https://mail.google.com";
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        response.Close();

        //retrieve the ssl cert and assign it to an X509Certificate object
        X509Certificate cert = request.ServicePoint.Certificate;

        //convert the X509Certificate to an X509Certificate2 object by passing it into the constructor
        X509Certificate2 cert2 = new X509Certificate2(cert);

        string cn = cert2.GetIssuerName();
        string cedate = cert2.GetExpirationDateString();
        string cpub = cert2.GetPublicKeyString();

        var path = Directory.GetCurrentDirectory() + string.Concat("\\", certName, ".der");
        byte[] certData = cert2.Export(X509ContentType.Cert);
        File.WriteAllBytes(path, certData);

        Console.WriteLine("cert2.GetIssuerName :{0}", cert2.GetIssuerName());
        Console.WriteLine("cert2.GetExpirationDateString :{0}", cert2.GetExpirationDateString());
        Console.WriteLine("cert2.GetPublicKeyString :{0}", cert2.GetPublicKeyString());

.cs Sample File :https://gist.github.com/thedom85/6db200104c075310527aaef63b172253

I also recommend this site : https://www.simple-talk.com/dotnet/.net-framework/tlsssl-and-.net-framework-4.0/

查看更多
0人赞 添加讨论(0) 举报
手持菜刀,她持情操
4楼-- · 2019-04-06 23:48

You are getting a "403 forbidden" status because that's what the server returns when you access that page. I see the same thing when I browse to that Uri using IE. This status indicates that you don't have permission to access the Url, so perhaps you should try your code on a page that you have access to.

Also, you're unlikely to see a certificate on a http connection - you might want to try https instead.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)