ssl时如何忽略证书检查
我正在尝试找到一种在请求Https资源时忽略证书检查的方法,到目前为止,我在Internet上找到了一些有用的文章。
但是我仍然有一些问题。请检查我的代码。我只是不明白代码ServicePointManager.ServerCertificateValidationCallback是什么意思。
什么时候调用该委托方法?还有一个问题,我应该在哪里写这段代码?在ServicePointManager.ServerCertificateValidationCallback执行之前还是之前Stream
stream = request.GetRequestStream()?
public HttpWebRequest GetRequest(){
CookieContainer cookieContainer = new CookieContainer();
// Create a request to the server
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(_remoteUrl);
#region Set request parameters
request.Method = _context.Request.HttpMethod;
request.UserAgent = _context.Request.UserAgent;
request.KeepAlive = true;
request.CookieContainer = cookieContainer;
request.PreAuthenticate = true;
request.AllowAutoRedirect = false;
#endregion
// For POST, write the post data extracted from the incoming request
if (request.Method == "POST")
{
Stream clientStream = _context.Request.InputStream;
request.ContentType = _context.Request.ContentType;
request.ContentLength = clientStream.Length;
ServicePointManager.ServerCertificateValidationCallback = delegate(
Object obj, X509Certificate certificate, X509Chain chain,
SslPolicyErrors errors)
{
return (true);
};
Stream stream = request.GetRequestStream();
....
}
....
return request;
}
}
回答:
由于只有一个全局ServicePointManager,因此设置ServicePointManager.ServerCertificateValidationCallback将产生以下结果:所有后续请求都将继承此策略。由于它是全局“设置”,因此最好在Global.asax的Application_Start方法中进行设置。
设置回调将覆盖默认行为,您可以自己创建自定义验证例程。
以上是 ssl时如何忽略证书检查 的全部内容, 来源链接: utcz.com/qa/421865.html
