.NET的SSL通信過程中,使用的證書可能存在各種問題,某種情況下可以忽略證書的錯誤繼續訪問。可以用下面的方式跳過服務器證書驗證,完成正常通信。
1.設置回調屬性ServicePointManager.ServerCertificateValidationCallback
注:這個屬性設置為要用於客戶端的服務器證書的自定義驗證方法
True:認證成功; False:認證失敗。
C#代碼
1 ServicePointManager.ServerCertificateValidationCallback = 2 new RemoteCertificateValidationCallback( 3 OnRemoteCertificateValidationCallback);
VB.NET代碼
1 ServicePointManager.ServerCertificateValidationCallback = _ 2 New RemoteCertificateValidationCallback( _ 3 AddressOf OnRemoteCertificateValidationCallback)
2.把證書認證函數OnRemoteCertificateValidationCallback返回值True
C#代碼
1 // 忽略證書認證錯誤處理的函數 2 private bool OnRemoteCertificateValidationCallback( 3 Object sender, 4 X509Certificate certificate, 5 X509Chain chain, 6 SslPolicyErrors sslPolicyErrors) 7 { 8 return true; // 認證正常,沒有錯誤 9 }
VB.NET代碼
' 忽略證書認證錯誤處理的函數 Private Function OnRemoteCertificateValidationCallback( _ ByVal sender As Object, _ ByVal certificate As X509Certificate, _ ByVal chain As X509Chain, _ ByVal sslPolicyErrors As SslPolicyErrors _ ) As Boolean Return True ' 認證正常,沒有錯誤
End Function