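/// <summary>
/// Certificate validation callback that dumps its arguments to the debug output and then
/// rejects the certificate unconditionally.
/// </summary>
/// <param name="sender">Object that raised the validation callback.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was sent.</param>
/// <param name="chain">Chain built for <paramref name="certificate"/>; may be null.</param>
/// <param name="sslPolicyErrors">Errors reported by the platform's own validation.</param>
/// <returns>Always <c>false</c>: every connection that uses this callback is refused (fail-closed).</returns>
internal static bool Validate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    // Debug.Print is compiled out unless DEBUG is defined, so this is diagnostics only.
    // The arguments are null-guarded so that a missing certificate or chain cannot turn
    // the rejection into a NullReferenceException thrown from inside the handshake.
    Debug.Print(sender?.ToString() ?? "<null>");
    Debug.Print(certificate?.ToString() ?? "<null>");
    Debug.Print(chain?.ToString() ?? "<null>");
    Debug.Print(sslPolicyErrors.ToString());

    // Deliberately ignores sslPolicyErrors: nothing is ever accepted.
    return false;
}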
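/// <summary>
/// Certificate validation callback that logs its arguments and accepts the remote certificate
/// only when the platform's own validation reported no errors.
/// </summary>
/// <param name="sender">Object that raised the validation callback.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was sent.</param>
/// <param name="chain">Chain built for <paramref name="certificate"/>; may be null.</param>
/// <param name="errors">Errors reported by the platform's own validation.</param>
/// <returns><c>true</c> only when <paramref name="errors"/> is <see cref="SslPolicyErrors.None"/>.</returns>
private static bool CheckValidationResult(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
{
    // Logging must never decide the outcome: null-guard every argument so a missing
    // certificate or chain is reported through the return value, not as a
    // NullReferenceException raised in the middle of the handshake.
    QLog.D("XIAO", sender?.ToString() ?? "<null>");
    QLog.D("XIAO", certificate?.ToString() ?? "<null>");
    QLog.D("XIAO", chain?.ToString() ?? "<null>");
    QLog.D("XIAO", errors.ToString());

    // The third-party certificate is valid only if no policy error was raised
    // (name mismatch, chain error and missing certificate all fail closed).
    return errors == SslPolicyErrors.None;
}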
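// Certificate Check
//
// Validation callback: writes its arguments to the console, records the outcome in the
// static member hasValidCertificate, and accepts the certificate only when the platform
// reported SslPolicyErrors.None.
//
// certificate and chain may be null when the remote side sent no certificate, so the
// diagnostics are null-guarded; otherwise the callback would throw before it could
// record and return the rejection.
//
// NOTE(review): hasValidCertificate is declared outside this block and is written from a
// static method, so it is shared by every handshake that uses this callback; with
// concurrent connections the last one to finish wins. Confirm readers do not treat it as
// a per-connection result.
private static bool CertificateValidation(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    Console.WriteLine(sender?.ToString() ?? "<null>");
    Console.WriteLine(certificate?.ToString() ?? "<null>");
    Console.WriteLine(chain?.ToString() ?? "<null>");
    Console.WriteLine(sslPolicyErrors.ToString());

    // Any policy error (name mismatch, chain error, missing certificate) is a rejection.
    bool accepted = sslPolicyErrors == SslPolicyErrors.None;
    hasValidCertificate = accepted;
    return accepted;
}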
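/// <summary>
/// Custom server-certificate validation: accepts the server certificate when its issuer string
/// equals the client certificate's issuer (case-insensitive) and the current time lies inside
/// the server certificate's validity window.
/// </summary>
/// <remarks>
/// <paramref name="policyErrors"/> and <paramref name="chain"/> are only written to the trace log
/// here; they do not influence the result. The issuer check is a string comparison, not a
/// signature or chain verification, so on its own it does not establish that the server
/// certificate was issued by the expected CA.
/// NOTE(review): confirm that the chain is verified elsewhere (in the ICertificateVerifier
/// implementation or by the caller, neither visible here) before relying on this method as the
/// only defence against an interposed server.
/// </remarks>
/// <param name="httpRequestMessage">The request message passed to the callback; only logged.</param>
/// <param name="serverCertVerifier">Verifier wrapping the server certificate.</param>
/// <param name="chain">The X509Chain; only logged.</param>
/// <param name="policyErrors">SslPolicyErrors reported by the platform; only logged.</param>
/// <param name="clientCertVerifier">Verifier wrapping the client certificate.</param>
/// <returns>
/// <c>true</c> when the issuer and validity-period checks pass; <c>false</c> when either fails
/// or when an exception is thrown while checking.
/// </returns>
public bool VerifyServerCertificate(HttpRequestMessage httpRequestMessage, ICertificateVerifier serverCertVerifier, X509Chain chain, SslPolicyErrors policyErrors, ICertificateVerifier clientCertVerifier)
{
    Arguments.IsNotNull(clientCertVerifier, nameof(clientCertVerifier));
    // serverCertVerifier is dereferenced on the next statement, outside the try block;
    // guard it the same way as the client verifier instead of failing with a bare
    // NullReferenceException.
    Arguments.IsNotNull(serverCertVerifier, nameof(serverCertVerifier));

    X509Certificate2 serverCert = serverCertVerifier.Certificate;

    logger?.LogDebug("Server certification custom validation callback.");
    logger?.LogTrace(httpRequestMessage?.ToString());
    logger?.LogTrace(chain?.ToString());
    logger?.LogTrace(policyErrors.ToString());
    logger?.LogTrace("ServerCert:" + Environment.NewLine + serverCert);

    try
    {
        // Verify Issuer. Issuer field is case-insensitive.
        if (!string.Equals(clientCertVerifier.Issuer, serverCertVerifier.Issuer, StringComparison.OrdinalIgnoreCase))
        {
            // The two labels were swapped in the original message, which would point an
            // investigator at the wrong certificate; each label now prints its own issuer.
            logger?.LogError(Invariant($"Issuer are different for server certificate and the client certificate. Server Certificate Issuer: {serverCertVerifier.Issuer}, Client Certificate Issuer: {clientCertVerifier.Issuer}"));
            return false;
        }

        logger?.LogDebug(Invariant($"Issuer validation passed: {serverCertVerifier.Issuer}"));

        // Validity window. DateTime.Now is local time.
        // NOTE(review): assumes NotBefore/NotAfter are expressed in local time as well - confirm.
        // NOTE(review): NotAfter.AddDays(1) keeps a certificate acceptable for up to one day
        // past its NotAfter - confirm this grace period is intended.
        DateTime now = DateTime.Now;
        if (serverCertVerifier.NotBefore > now || serverCertVerifier.NotAfter.AddDays(1) <= now)
        {
            logger?.LogError(Invariant($"Server certification is not in valid period from {serverCertVerifier.NotBefore.ToString(DateTimeFormatInfo.InvariantInfo)} until {serverCertVerifier.NotAfter.ToString(DateTimeFormatInfo.InvariantInfo)}"));
            return false;
        }

        logger?.LogDebug("Server certificate validate date verification passed.");
    }
    catch (Exception ex)
    {
        // Fail closed: any error while inspecting the certificates is a rejection.
        logger?.LogError(ex.ToString());
        return false;
    }

    logger?.LogDebug("Server certification custom validation successed.");
    return true;
}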