private bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return(true);
}
lock (certificateValidationLock)
{
bool ignoreChanged = NoWarnCertificates || (bool)GetVariableValue("NoWarnCertificates", false);
bool ignoreNew = ignoreChanged || NoWarnNewCertificates || (bool)GetVariableValue("NoWarnNewCertificates", false);
HttpWebRequest webreq = (HttpWebRequest)sender;
string hostname = webreq.Address.Host;
string fingerprint = CommonCmdletFunctions.FingerprintPrettyString(certificate.GetCertHashString());
string trusted = VerifyInAllStores(new X509Certificate2(certificate))
? CERT_TRUSTED : CERT_NOT_TRUSTED;
var certificates = CommonCmdletFunctions.LoadCertificates();
bool ok;
if (certificates.ContainsKey(hostname))
{
string fingerprint_old = certificates[hostname];
if (fingerprint_old == fingerprint)
{
return(true);
}
ok = Force || ignoreChanged || ShouldContinue(string.Format(CERT_CHANGED, fingerprint, fingerprint_old, trusted), CERT_HAS_CHANGED_CAPTION);
}
else
{
ok = Force || ignoreNew || ShouldContinue(string.Format(CERT_FOUND, fingerprint, trusted), CERT_FOUND_CAPTION);
}
if (ok)
{
certificates[hostname] = fingerprint;
CommonCmdletFunctions.SaveCertificates(certificates);
}
return(ok);
}
}