SSL HttpWebRequest to site with mismatched certificate on Azure?
-
06-09-2019 - |
Question
We have a client with mismatched SSL certificates in their QA environment. We’re making HttpWebRequest calls to those SSL-protected web resources from within an Azure web role. To get around their certificates, we set ServicePointManager.CertificatePolicy to a new policy that accepts all certificates. This works in a full trust environment, but fails with a SecurityPermission exception when we try to set the CertificatePolicy within the less-than-full-trust Azure environment. Is there a way that we can make those calls work from within our Azure service?
Solution
I'll answer my own question!
Apparently, to run it in full trust you simply need to enableNativeCodeExecution="true" in the web role configuration.
OTHER TIPS
Could this be something?
System.Net.ServicePointManager.ServerCertificateValidationCallback += delegate (
object sender,
X509Certificate cert,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return true; //Is valid
}
//Add the mismatched certificate hashstring below.
//That way only that resource will be affected and not all certificates will be trusted.
if (cert.GetCertHashString() == "99E92D8447AEF30483B1D7527812C9B7B3A915A7")
{
return true;
}
return false;
};