 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Security / January 2007Server side certificate checking - OnCertificateValidation handler
Hello, My application performs several HTTPS requests (potentially concurrent) to different web sites In order to handle any error linked to certificate checking, Im setting up a callback function as follows : *************************** ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(OnCertificateValidation); [...] protected bool OnCertificateValidation(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { Console.WriteLine("Server Certificate Issued To: " + certificate.Subject); Console.WriteLine("Server Certificate Issued By: "+ certificate.Issuer); if (sslPolicyErrors != SslPolicyErrors.None) { Console.WriteLine("Server Certificate Validation Error: {0}", sslPolicyErrors.ToString()); return false; } else { Console.WriteLine("Server Certificate Validated."); return true; } } *************************** My problem is that ServicePointManager.ServerCertificateValidationCallback is static, which means that every Https request will use the same callback method. I would like to be able to tie a callback method to a particular HttpWebRequest object instead. Is this possible ? The reason for this is that my application connects to one particular web site whose certificate subject does not match the host name. However Im aware of this and would like to bypass the check in this case. However I still want to perform those checks for the other web sites my application connects to. Thanks, Tibo The "sender" parameter in the callback function will be the object that was used to generate the original request (such as an HttpWebRequest), so you can figure out what it is at runtime and then cast it to the appropriate type. From there, you can implement some branching logic based on the RequestUri or something that applies different policies to different hosts. I think that will get you what you want. Joe K.  SignatureJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- > Hello, > [quoted text clipped - 46 lines] > > Tibo Hi Joe, I thought it would have been possible to associate the callback function with a specific HttpWebRequest object (like it is possible with an SslStream(stream, bool, callback)). The approach you describe will work, but from a design point of view, keeping everything seperate would have suited me better. Once again, thanks Joe for your useful comments. Tibo On Jan 29, 4:45 pm, "Joe Kaplan" <joseph.e.kap...@removethis.accenture.com> wrote: > The "sender" parameter in the callback function will be the object that was > used to generate the original request (such as an HttpWebRequest), so you [quoted text clipped - 62 lines] > > > Tibo Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.