Esempio n. 1
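        /// <summary>
        /// Certificate validation delegate for LDAP over SSL. It lets the interactive user
        /// accept or reject a server certificate that is not yet in the current user's
        /// trusted-root store, so the issuing authority does not have to pre-exist there.
        /// </summary>
        /// <remarks>
        /// Security notes for maintainers:
        /// <list type="bullet">
        /// <item><description>
        /// The decision is a manual trust-on-first-use prompt. It is only as strong as the
        /// user's comparison of the printed hash against a value obtained out of band.
        /// </description></item>
        /// <item><description>
        /// <paramref name="certificateErrors"/> never rejects a certificate here; only its
        /// count is shown to the user. NOTE(review): confirm whether specific error codes
        /// (for example expiry or name mismatch) should be refused without prompting.
        /// </description></item>
        /// <item><description>
        /// Imports go into <c>X509StoreManager.CurrentUser.TrustedRoot</c>. Presumably other
        /// code running as the same user consults that store - confirm the intended scope.
        /// </description></item>
        /// <item><description>
        /// The result depends on the instance fields <c>bindCount</c>, <c>bHowToProceed</c>
        /// and <c>removeFlag</c>, which are maintained outside this method.
        /// </description></item>
        /// </list>
        /// </remarks>
        /// <param name="certificate">
        /// The certificate presented by the server. Its raw bytes are re-parsed into the
        /// store-side certificate type.
        /// </param>
        /// <param name="certificateErrors">
        /// Error codes reported for the certificate by the caller of this delegate.
        /// </param>
        /// <returns>
        /// <c>true</c> to continue the connection, <c>false</c> to abort it.
        /// </returns>
        private bool MySSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors)
        {
            Logger.Debug("calling MySSLHandler()");
            X509Stores stores = X509StoreManager.CurrentUser;
            X509Store store = stores.TrustedRoot;

            // Import the details of the certificate from the server.
            Logger.Debug("calling GetRawCertData()");
            byte[] data = (certificate != null) ? certificate.GetRawCertData() : null;
            if (data == null)
            {
                // Fail closed: without certificate bytes there is nothing to show the user
                // or to look up in the store, so the connection must not be accepted.
                Console.WriteLine("SSL Bind Failed.");
                return false;
            }
            X509Certificate x509 = new X509Certificate (data);

            // Check for the certificate in the trusted-root store.
            X509CertificateCollection check = store.Certificates;
            if (!check.Contains(x509))
            {
                if (bindCount == 1)
                {
                    Console.WriteLine ( " \n\nCERTIFICATE DETAILS: \n" );
                    Console.WriteLine ( " {0}X.509 v{1} Certificate", (x509.IsSelfSigned ? "Self-signed " :
                                                                       String.Empty), x509.Version);
                    Console.WriteLine ( "  Serial Number: {0}", CryptoConvert.ToHex (x509.SerialNumber));
                    Console.WriteLine ( "  Issuer Name:   {0}", x509.IssuerName);
                    Console.WriteLine ( "  Subject Name:  {0}", x509.SubjectName);
                    Console.WriteLine ( "  Valid From:    {0}", x509.ValidFrom);
                    Console.WriteLine ( "  Valid Until:   {0}", x509.ValidUntil);
                    Console.WriteLine ( "  Unique Hash:   {0}", CryptoConvert.ToHex (x509.Hash));
                    // Surface how many validation errors were reported so the user does
                    // not decide on the certificate fields alone.
                    Console.WriteLine ( "  Validation errors reported: {0}",
                                        (certificateErrors != null ? certificateErrors.Length : 0));
                }

                // Get the response from the user.
                string input;
                do
                {
                    Console.WriteLine("\nDo you want to proceed with the connection (y/n)?");
                    input = Console.ReadLine();

                    if (input == null)
                    {
                        // ReadLine returns null at end of input (closed or redirected
                        // stdin). Treat that as a refusal instead of looping forever.
                        bHowToProceed = false;
                        break;
                    }

                    if (input == "y" || input == "Y")
                    {
                        bHowToProceed = true;
                    }

                    if (input == "n" || input == "N")
                    {
                        bHowToProceed = false;
                    }

                } while (input != "y" && input != "Y" && input != "n" && input != "N");
            }
            else
            {
                // NOTE(review): this branch runs only when the certificate is already in
                // the store, so the import below re-adds an existing entry. Confirm whether
                // the import was meant to follow an accepted prompt instead.
                if (bHowToProceed == true)
                {
                    // Add the certificate to the store.
                    store.Import (x509);
                    if (bindCount == 1)
                    {
                        removeFlag = true;
                    }
                }
            }

            if (bHowToProceed == false)
            {
                // Remove the certificate added from the store.
                if (removeFlag == true && bindCount > 1)
                {
                    string presentedHash = CryptoConvert.ToHex (x509.Hash);
                    bool inStore = false;
                    foreach (X509Certificate xt509 in store.Certificates)
                    {
                        if (CryptoConvert.ToHex (xt509.Hash) == presentedHash)
                        {
                            inStore = true;
                            break;
                        }
                    }

                    // Remove after the scan, not inside it, so the store is not modified
                    // while its certificate list is being enumerated.
                    if (inStore)
                    {
                        store.Remove (x509);
                    }
                }
                Console.WriteLine("SSL Bind Failed.");
            }
            return bHowToProceed;
        }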
Esempio n. 2
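        /// <summary>
        /// Certificate validation delegate that logs the details of the server certificate
        /// and the number of validation errors reported for it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): whenever the certificate can be parsed, this handler returns
        /// <c>true</c> whatever <paramref name="certificateErrors"/> contains, so the caller
        /// accepts every server certificate. A connection validated only by this delegate
        /// has no protection against an impersonated server. Confirm whether that is
        /// intended; if not, base the result on the reported errors or on a pinned hash.
        /// </remarks>
        /// <param name="certificate">The certificate presented by the server.</param>
        /// <param name="certificateErrors">
        /// Error codes reported for the certificate by the caller of this delegate.
        /// </param>
        /// <returns>
        /// <c>true</c> when the certificate could be read; <c>false</c> when no raw
        /// certificate data was available.
        /// </returns>
        static bool SSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors)
        {
            byte[] data = (certificate != null) ? certificate.GetRawCertData() : null;
            if (data == null)
            {
                // Fail closed: there is no certificate to inspect or log, and the
                // property reads below would dereference a null certificate.
                Log.Debug ("Certificate info:\n{0}", "no raw certificate data available");
                return false;
            }

            X509Certificate x509 = new X509Certificate (data);

            StringBuilder msg = new StringBuilder ();
            msg.AppendFormat (" {0}X.509 v{1} Certificate", (x509.IsSelfSigned ? "Self-signed " : String.Empty), x509.Version);
            msg.AppendFormat ("\nSerial Number:   {0}", CryptoConvert.ToHex (x509.SerialNumber));
            msg.AppendFormat ("\nIssuer Name:     {0}", x509.IssuerName);
            msg.AppendFormat ("\nSubject Name:    {0}", x509.SubjectName);
            msg.AppendFormat ("\nValid From:      {0}", x509.ValidFrom);
            msg.AppendFormat ("\nValid Until:     {0}", x509.ValidUntil);
            msg.AppendFormat ("\nUnique Hash:     {0}", CryptoConvert.ToHex (x509.Hash));

            Log.Debug ("Certificate info:\n{0}", msg.ToString());
            // Only the count of reported errors is logged; a missing array counts as zero.
            Log.Debug ("Certificate errors:\n{0}", (certificateErrors != null ? certificateErrors.Length : 0));

            // Accepts unconditionally; see the NOTE(review) in the remarks above.
            return true;
        }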