Disable hostname verification in c# httpwebrequest

https://stackoverflow.com/questions/21884001

13-10-2022
|

题

I'm implementing web services in a c# environment. I'm using a SSL connection. My url is seomthing like:

https://pseudoservername:8443/services/...

But the certificate expects it to be:

https://ourcompany.services.public.com:8443/services/...

So I got a hostname mismatch. In Java you can simply turn off this hostname verification by making your own hostnameVerifier class and letting the JVM use that one instead of the normal one. This is really useful because the effect are only local (only disable verification for this application) and temporary (hostnameverification can be turned on/off whenever the application wants to).

How can do you this is in c#?

I do not want a solution where the entire certificate validation is ignored. I also want to preserve the local & temporary effects of disabling the hostnameverification. I do also not want change my url (to just make them match) for reasons beyond the scope of this question.

解决方案

If you are using WebRequests or something similiar, you can hook into the ServicePointManager.ServerCertificateValidationCallback and add a custom validation scenario as

ServicePointManager.ServerCertificateValidationCallback = delegate(
            Object obj, X509Certificate certificate, X509Chain chain, 
            SslPolicyErrors errors)
            {
                if (errors == SslPolicyErrors.RemoteCertificateNameMismatch)
                {
                  return (true);
                }
            };

see the MSDN for details

许可以下： CC-BY-SA 和归因

不隶属于 StackOverflow