private void ftp_ValidateServerCertificate(object sender, ValidateServerCertificateEventArgs e)
{
// display the certificate to the user and ask the user to either accept or reject the certificate
if (MessageBox.Show(e.Certificate.ToString(), "FTPbox - Accept this Certificate?", MessageBoxButtons.YesNo) == DialogResult.Yes)
{
// the user accepted the certicate so we need to inform the FtpClient Component that the certificate is valid
// be setting the IsCertificateValue property to true
e.IsCertificateValid = true;
}
}
// the following method is invoked by the RemoteCertificateValidationDelegate.
private bool secureStream_ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
//// if it is the same certificate we have already approved then don't validate it again
if (_serverCertificate != null && certificate.GetCertHashString() == _serverCertificate.GetCertHashString())
return true;
// invoke the ValidateServerCertificate event if the user is subscribing to it
// ignore our own logic and let the user decide if the certificate is valid or not
if (ValidateServerCertificate != null)
{
ValidateServerCertificateEventArgs args = new ValidateServerCertificateEventArgs(new X509Certificate2(certificate.GetRawCertData()), chain, sslPolicyErrors);
ValidateServerCertificate(this, args);
// make a copy of the certificate due to sharing violations
if (args.IsCertificateValid)
_serverCertificate = new X509Certificate2(certificate.GetRawCertData());
return args.IsCertificateValid;
}
else
{
// analyze the policy errors and decide if the certificate should be accepted or not.
if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNameMismatch) == SslPolicyErrors.RemoteCertificateNameMismatch)
throw new FtpCertificateValidationException(String.Format("Certificate validation failed. The host name '{0}' does not match the name on the security certificate '{1}'. To override this behavior, subscribe to the ValidateServerCertificate event to validate certificates.", _host, certificate.Issuer));
if (sslPolicyErrors == SslPolicyErrors.None || (sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
{
// make a copy of the server certificate due to sharing violations
_serverCertificate = new X509Certificate2(certificate.GetRawCertData());
return true;
}
else
{
return false;
}
}
}
private static void ftp_ValidateServerCertificate(object sender, ValidateServerCertificateEventArgs e)
{
e.IsCertificateValid = true;
}