protected bool CertificateCustomValidationCallback(HttpRequestMessage request, X509Certificate certificate,
                                                           X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            var host   = request.Headers.Host ?? request.RequestUri.Host;
            var domain = GetPinnedDomain(host) ?? GetPinnedDomain("*");

            if (domain == null)
            {
                return(sslPolicyErrors == SslPolicyErrors.None && !_config.Enforce);
            }

            if (domain.Name != "*" && sslPolicyErrors != SslPolicyErrors.None)
            {
                return(false);
            }

            var valid = _policy.Valid(domain, certificate);

            if (!valid && domain.SendReport)
            {
                var knownPins = domain.PublicKeyHashes.ToList();
                _reportClient.Send(new ReportBody(knownPins, request.RequestUri, chain).Value());
            }

            return(sslPolicyErrors == SslPolicyErrors.None && !domain.Enforce || valid);
        }
Example #2
0
 private bool IsValid(string host, X509Certificate2 certificate)
 {
     return(_policy.Valid(host, certificate));
 }