public override bool ValidateServerCertificate(Uri uri, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { var now = DateTime.Now; if (_verifyHostname) { if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateNameMismatch)) { Logger?.Error(null, $"{GetType().Name}: Certificate '{certificate.Subject}' does not match with host name '{uri.Host}'."); return(false); } } if (!CertHelper.CheckValidity(certificate, now)) { Logger?.Error(null, $"{GetType().Name}: Certificate '{certificate.Subject}' is not valid at the time of validity check '{now}'."); return(false); } if (CertHelper.FindCertificate(_location, StoreName.TrustedPeople, certificate)) { if (CertHelper.FindCertificate(_location, StoreName.Disallowed, certificate)) { Logger?.Error(null, $"{GetType().Name}: Certificate '{certificate.Subject}' is found in '{_location}\\Disallowed` store."); return(false); } Logger?.Info($"{GetType().Name}: Trusting {uri} with certificate '{certificate.Subject}'."); return(true); } Logger?.Error(null, $"{GetType().Name}: Unable to locate a certificate for {uri} in '{_location}\\TrustedPeople` store."); return(false); }
public override bool ValidateServerCertificate(Uri uri, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { var now = DateTime.Now; if (_verifyHostname) { if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateNameMismatch)) { Logger?.Error(null, $"{GetType().Name}: Certificate '{certificate.Subject}' does not match with host name '{uri.Host}'."); return(false); } } if (!CertHelper.CheckValidity(certificate, now)) { Logger?.Error(null, $"{GetType().Name}: Certificate '{certificate.Subject}' is not valid at the time of validity check '{now}'."); return(false); } for (var i = chain.ChainElements.Count - 1; i >= 0; i--) { if (CertHelper.FindCertificate(_trustedCertificates, chain.ChainElements[i].Certificate)) { Logger?.Info($"{GetType().Name}: Trusting {uri} with certificate '{certificate.Subject}'."); return(true); } } Logger?.Error(null, $"{GetType().Name}: Unable to locate a certificate for {uri} in provided trusted certificates."); return(false); }