{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Anthone 的问题《C# Download all https certificates from a website》','https://www.manongdao.com/q-969290.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I want to save all certificates from a URL to disk. So for example https://www.google.de
If I browse this page with Firefox, I can see three certificates.
With Firefox I can export them all, and save them to disk.
So I want to do that in C#. I started getting the certificates with the following code..
/// <summary>
/// Get and write certificate from URL into file in path
/// </summary>
/// <param name="_URL">URL of website with certficate</param>
/// <param name="_path">Path where you want to store certificate</param>
private static void SaveCertificate(String _URL, String _path)
{
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(_URL);
request.AllowAutoRedirect = false;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
X509Certificate2 cert = new X509Certificate2(request.ServicePoint.Certificate);
File.WriteAllText(_path, ExportToPEM(cert));
}
catch (Exception)
{
}
}
/// <summary>
/// Export a certificate to a PEM format string
/// </summary>
/// <param name="_cert">The certificate to export</param>
/// <returns>A PEM encoded string</returns>
public static string ExportToPEM(X509Certificate2 _cert)
{
StringBuilder builder = new StringBuilder();
try
{
builder.AppendLine("-----BEGIN CERTIFICATE-----");
builder.AppendLine(Convert.ToBase64String(_cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks));
builder.AppendLine("-----END CERTIFICATE-----");
}
catch (Exception)
{
}
return builder.ToString();
}
The problem with this code is, I just get one certificate exept three. (the certificate I get is the marked certificate in the screenshot from firefox)
I also tryed the solution from here SO Question but it didnt work for me.
My question is, how can I get all certificates from a URL?
One way you can get the certificate chain is by implementing a
ServerCertificateValidationCallbackon yourrequest.It's a function that accepts the parameters:
(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)This is normally used to validate the certificate and chain, but in this case we're just using it to get access to the certificate chain. It does feel a lot like a hack but it should work. I've implemented an proof of concept based on your posted code. The code outputs the certs to the console window.