Pet*_*ter 5 vb.net ssl web-services
好吧我再次工作一个web服务,其证书不是100%正确设置证书是为域*.domain1.com设置的,而api位于soap.shop.domain1.com/SOAP现在我无法连接到这个webservice然后我得到一个WebException"无法建立SSL/TLS安全通道的trush关系. - >远程证书根据验证程序无效.
现在我的问题是有没有办法绕过这个检查我使用普通的Web参考(2.0)而不是服务参考..
对于那些无法确定从哪里开始这个答案的人来说,这可能并不明显.上面的海报是正确的,但是对于如何处理给定代码并不是很明显.
假设您有一个类需要使用证书调用Web服务.
这是我完成的解决方案:
public class MyClass
{
public bool TrustAllCertificatesCallback(object sender, X509Certificate cert,
X509Chain chain, SslPolicyErrors errors)
{
return true;
}
public string CallSomeWebService(string someParam)
{
try
{
ServicePointManager.ServerCertificateValidationCallback = TrustAllCertificatesCallback;
RemoteWebService ws = new RemoteWebService();
//add the client cert to the web service call.
ws.ClientCertificates.Add(GetMyCert());
//call the web service
string response = ws.SomeMethod(someParam);
return response.ToString();
}
catch (Exception ex)
{throw;}
}
public X509Certificate GetMyCert()
{
try
{
string certPath = @"C:\MyCerts\MyCert.cer";
var cert = X509Certificate.CreateFromCertFile(certPath);
return cert;
}
catch (Exception ex)
{throw;}
}
}
是的,您可以使用以下命令让ASP.NET忽略证书警告:
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;
namespace YourNamespace
public class TrustAllCertificatePolicy : System.Net.ICertificatePolicy
{
public TrustAllCertificatePolicy() {}
public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,WebRequest req, int problem)
{
return true;
}
}
}
System.Net.ServicePointManager.ServerCertificateValidationCallback = _
Function(a, b, c, d) True
选择你的味道..
Lambda表达
//Trust all certificates
System.Net.ServicePointManager.ServerCertificateValidationCallback =
((sender, certificate, chain, sslPolicyErrors) => true);
// trust sender (more secure)
System.Net.ServicePointManager.ServerCertificateValidationCallback
= ((sender, cert, chain, errors) => cert.Subject.Contains("YourServerName"));
或纯棉块(更适合测试)
// validate cert
// allows for validation of SSL conversations
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate);
// callback used to validate the certificate in an SSL conversation
private static bool ValidateRemoteCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors policyErrors)
{
bool result = false;
if (cert.Subject.ToUpper().Contains("YourServerName"))
{
result = true;
}
return result;
}
| 归档时间: |
|
| 查看次数: |
21368 次 |
| 最近记录: |