protected bool CertificateCustomValidationCallback(HttpRequestMessage request, X509Certificate certificate,
X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
var host = request.Headers.Host ?? request.RequestUri.Host;
var domain = GetPinnedDomain(host) ?? GetPinnedDomain("*");
if (domain == null)
{
return(sslPolicyErrors == SslPolicyErrors.None && !_config.Enforce);
}
if (domain.Name != "*" && sslPolicyErrors != SslPolicyErrors.None)
{
return(false);
}
var valid = _policy.Valid(domain, certificate);
if (!valid && domain.SendReport)
{
var knownPins = domain.PublicKeyHashes.ToList();
_reportClient.Send(new ReportBody(knownPins, request.RequestUri, chain).Value());
}
return(sslPolicyErrors == SslPolicyErrors.None && !domain.Enforce || valid);
}
private bool IsValid(string host, X509Certificate2 certificate)
{
return(_policy.Valid(host, certificate));
}
