编辑

通过

WinHttpHandler.ServerCertificateValidationCallback Property

Definition

Namespace:
System.Net.Http
Assembly:
System.Net.Http.WinHttpHandler.dll
Package:
System.Net.Http.WinHttpHandler v10.0.0-preview.5.25277.114
Source:
WinHttpHandler.cs
Source:
WinHttpHandler.cs
Source:
WinHttpHandler.cs

Gets or sets a callback method to validate the server certificate. This callback is part of the SSL handshake.

public:
 property Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ ServerCertificateValidationCallback { Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ get(); void set(Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ value); };
public Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors,bool>? ServerCertificateValidationCallback { get; set; }
public Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors,bool> ServerCertificateValidationCallback { get; set; }
member this.ServerCertificateValidationCallback : Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool> with get, set
Public Property ServerCertificateValidationCallback As Func(Of HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, Boolean)

Property Value

Func<HttpRequestMessage,X509Certificate2,X509Chain,SslPolicyErrors,Boolean>

The callback should return true if the server certificate is considered valid and the request should be sent. Otherwise, returns false.

Examples

The following code example implements the callback. If there are validation errors, this method returns false preventing communication with the unauthenticated server. Otherwise, it allows for additional validation and return true if the certificate is valid.

var handler = new WinHttpHandler();
handler.ServerCertificateValidationCallback = (httpRequestMessage, certificate, chain, sslPolicyErrors) =>
{
    if (sslPolicyErrors == SslPolicyErrors.None)
    {
        // TODO: Implement additional custom certificate validation logic here.
        return true;
    }
    // Do not allow this client to communicate with unauthenticated servers.
    return false;
};

Remarks

The default value is null. If this property is null, the server certificate is validated using standard well-known certificate authorities.

The delegate's sslPolicyErrors argument contains any certificate errors returned by SSPI while authenticating the server. The Boolean value returned by this delegate determines whether the authentication is allowed to succeed.

Applies to