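/// <summary>
/// Checks the presented certificate against the pinned thumbprint held in <c>hash</c>.
/// </summary>
/// <param name="certificate">Certificate presented by the remote party.</param>
/// <exception cref="SecurityException">
/// A pin is configured and the certificate is missing or its thumbprint does not match.
/// </exception>
/// <remarks>
/// When <c>hash</c> is null or empty this method performs no check at all, so every
/// certificate passes. Deployments that rely on pinning need the value set.
/// The parameterless <c>GetCertHashString()</c> yields the SHA-1 thumbprint as hex text.
/// </remarks>
public override void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate)
{
    // No pin configured: keep the original pass-through behaviour.
    if (String.IsNullOrEmpty(hash))
    {
        return;
    }

    // A pin is configured, so a missing certificate is an authentication failure
    // rather than a NullReferenceException.
    if (certificate == null)
    {
        throw new SecurityException("Server cannot be authenticated");
    }

    // Hex digits are compared without regard to case so that a pin stored in
    // lower case still matches the upper-case string returned by the framework.
    string presentedThumbprint = certificate.GetCertHashString();
    if (!String.Equals(presentedThumbprint, hash, StringComparison.OrdinalIgnoreCase))
    {
        throw new SecurityException("Server cannot be authenticated");
    }
}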
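/// <summary>
/// Certificate validation callback: accepts a certificate that passed platform
/// validation, accepts a pinned thumbprint despite platform errors, and otherwise
/// defers to <c>AskCertificateApproval</c>.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was presented.</param>
/// <param name="chain">Not used.</param>
/// <param name="sslPolicyErrors">Errors reported by platform validation.</param>
/// <returns><c>true</c> to accept the connection, <c>false</c> to reject it.</returns>
/// <remarks>
/// A thumbprint listed in <c>WaCertThumbprints</c> overrides every reported error,
/// including name mismatch and chain errors, so that list is the trust anchor on this path.
/// </remarks>
private bool CustomCertificateValidation(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
    // Platform validation succeeded: nothing further to decide.
    if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
    {
        return true;
    }

    // Errors were reported and there is no certificate to pin against or to show
    // for approval; reject instead of dereferencing null.
    if (certificate == null)
    {
        return false;
    }

    if (WaCertThumbprints.Contains(certificate.GetCertHashString()))
    {
        return true;
    }

    // NOTE(review): AskCertificateApproval is defined elsewhere; presumably an
    // interactive prompt. Confirm it cannot be auto-approved in unattended runs.
    return this.AskCertificateApproval(sslPolicyErrors, certificate);
}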
/// <summary>
/// Builds a human-readable, sectioned description of a certificate: subject, issuer,
/// serial number, validity dates and thumbprint.
/// </summary>
/// <param name="x509Certificate">Certificate to describe; it is dereferenced without a null check.</param>
/// <param name="format">Not used by this implementation.</param>
/// <param name="formatProvider">Passed to <c>DateTime.ToString</c> for the two validity dates.</param>
/// <returns>
/// Six sections, each a bracketed heading followed by the value on the next line,
/// separated by blank lines and terminated by one line break.
/// </returns>
/// <remarks>
/// The thumbprint comes from the parameterless <c>GetCertHashString()</c>, i.e. the SHA-1 hash.
/// </remarks>
public static string FormatX509Certificate(System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate, string format, System.IFormatProvider formatProvider)
{
    string lineBreak = System.Environment.NewLine;
    string sectionGap = lineBreak + lineBreak;

    string[] headings =
    {
        "[Subject]",
        "[Issuer]",
        "[Serial Number]",
        "[Not Before]",
        "[Not After]",
        "[Thumbprint]"
    };

    // Values are read in the same order as the headings they belong to.
    string[] contents =
    {
        x509Certificate.Subject,
        x509Certificate.Issuer,
        x509Certificate.SerialNumber,
        x509Certificate.NotBefore.ToString(formatProvider),
        x509Certificate.NotAfter.ToString(formatProvider),
        x509Certificate.GetCertHashString()
    };

    var report = new System.Text.StringBuilder(500);
    for (int index = 0; index < headings.Length; index++)
    {
        if (index > 0)
        {
            report.Append(sectionGap);
        }

        report.Append(headings[index]).Append(lineBreak).Append(" ").Append(contents[index]);
    }

    report.Append(lineBreak);
    return report.ToString();
}
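/// <summary>
/// Certificate validation callback that special-cases one well-known self-signed
/// certificate, identified by <c>PuProdCertThumbPrint</c>.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was presented.</param>
/// <param name="chain">Not used.</param>
/// <param name="sslPolicyErrors">Errors reported by platform validation.</param>
/// <returns>
/// <c>true</c> for the known self-signed certificate when the
/// <c>AllowUnsafePuProdCert</c> setting is enabled; for any other certificate,
/// <c>true</c> only when platform validation reported no errors.
/// </returns>
/// <exception cref="ApplicationException">
/// The known self-signed certificate was presented but the opt-in setting is not enabled.
/// </exception>
/// <remarks>
/// With the opt-in enabled, the thumbprint match alone decides: reported policy
/// errors are not consulted for that certificate.
/// </remarks>
private static bool ValidateUntrustedCert(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
    // Nothing to compare or trust without a certificate; reject instead of
    // failing with a NullReferenceException.
    if (certificate == null)
    {
        return false;
    }

    bool isKnownSelfSigned = certificate.GetCertHashString() == PuProdCertThumbPrint;
    if (!isKnownSelfSigned)
    {
        // Every other certificate must pass normal platform validation.
        return sslPolicyErrors == System.Net.Security.SslPolicyErrors.None;
    }

    // Trusting the self-signed certificate is an explicit, per-deployment opt-in.
    if (Properties.Settings.Default.AllowUnsafePuProdCert)
    {
        return true;
    }

    throw new ApplicationException(@"PU prod does have a self signed certificate. To allow the use of the well known self signed certificate add the setting <setting name=""AllowUnsafePuProdCert"" serializeAs=""String""> <value>True</value> </setting> to your app/web.config This is not enabled by default to make sure you are aware that you trust a self signed certificate. ");
}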
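/// <summary>
/// Certificate validation callback that accepts exactly one certificate, identified
/// by the thumbprint constant <c>WA_CERT_THUMBPRINT</c>.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was presented.</param>
/// <param name="chain">Not used.</param>
/// <param name="sslPolicyErrors">Not used; the thumbprint match alone decides.</param>
/// <returns><c>true</c> when the thumbprint equals the pinned value, otherwise <c>false</c>.</returns>
/// <remarks>
/// Because <paramref name="sslPolicyErrors"/> and <paramref name="chain"/> are ignored,
/// expiry, chain and host-name results play no part in the decision. Replacing the
/// server certificate requires updating the constant.
/// </remarks>
private bool CustomCertificateValidation(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
    // A missing certificate cannot match the pin; reject instead of dereferencing null.
    if (certificate == null)
    {
        return false;
    }

    return certificate.GetCertHashString() == WA_CERT_THUMBPRINT;
}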
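/// <summary>
/// Certificate validation callback that accepts a certificate only when its thumbprint
/// is contained in <c>WaCertThumbprints</c>.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="certificate">Certificate presented by the remote party; may be null when none was presented.</param>
/// <param name="chain">Not used.</param>
/// <param name="sslPolicyErrors">Not used; membership in the pinned set alone decides.</param>
/// <returns><c>true</c> when the thumbprint is in the pinned set, otherwise <c>false</c>.</returns>
/// <remarks>
/// Because <paramref name="sslPolicyErrors"/> and <paramref name="chain"/> are ignored,
/// expiry, chain and host-name results play no part in the decision.
/// NOTE(review): the type of <c>WaCertThumbprints</c> is not visible here, so the
/// comparison rules of <c>Contains</c> (case sensitivity, substring versus element
/// match) should be confirmed against its declaration.
/// </remarks>
private bool CustomCertificateValidation(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
    // A missing certificate cannot match any pin; reject instead of dereferencing null.
    if (certificate == null)
    {
        return false;
    }

    return WaCertThumbprints.Contains(certificate.GetCertHashString());
}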