c# - WCF 连接的服务 ServicePointManager.ServerCertificateValidationCallback 未执行
问题描述
我在我的项目中添加了 WCF 连接服务引用并设置ServicePointManager.ServerCertificateValidationCallback
功能。由于某种原因,当我请求服务器时,此回调函数被忽略。如果用户确认,我必须通知用户证书问题并继续请求。
static async Task Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = MyServerCertificateValidationCallback;
var data = new DataSoapClient(DataSoapClient.EndpointConfiguration.DataSoap);
data.Endpoint.Address = new EndpointAddress("https://open.helios.eu/demo/Data.asmx");
(data.Endpoint.Binding as BasicHttpBinding).Security.Mode = BasicHttpSecurityMode.Transport;
var result = (await data.GetInfoAsync("GETREDIRECTINFO", string.Empty)).Body.GetInfoResult;
Console.WriteLine(result);
}
private static bool MyServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
// function won't execute
return true;
}
解决方案
最后我找到了解决我的问题的方法。正如 Abraham Quan 所提到的,回调在 .net 核心中不起作用,所以我不得不使用不同的方法并使用 X509CertificateValidator。这是一个代码片段:
static async Task Main(string[] args)
{
var data = new ServiceReference1.Service1Client(Service1Client.EndpointConfiguration.BasicHttpsBinding_IService1);
data.Endpoint.Address = new EndpointAddress("https://localhost:5035/Service1.svc");
(data.Endpoint.Binding as BasicHttpBinding).Security.Mode = BasicHttpSecurityMode.Transport;
data.ClientCredentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication();
data.ClientCredentials.ServiceCertificate.SslCertificateAuthentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
data.ClientCredentials.ServiceCertificate.SslCertificateAuthentication.CustomCertificateValidator = new Validator();
var result = await data.GetDataAsync(1);
Console.WriteLine(result);
}
并且有验证器:
internal class Validator : X509CertificateValidator
{
public override void Validate(X509Certificate2 certificate)
{
X509Chain chain = new X509Chain();
if (!chain.Build(certificate))
{
Console.WriteLine($"{chain.ChainStatus.FirstOrDefault().StatusInformation}. Press y to proceed...");
if(Console.ReadKey().KeyChar != 'y')
throw new SecurityTokenValidationException("Service certification is not valid.");
}
}
}
推荐阅读
- reactjs - React 测试库:想了解 container 和 document.body 的区别
- windows - PowerShell 从 WmiEvent (System.Management.ManagementEventWatcher) 获取详细的事件信息
- refactoring - 为什么“程序类”是一种设计气味?
- julia - 在 Julia 中哪里可以找到函数的签名?
- python - 如何在 Discord 机器人项目中运行额外的 Python 代码
- javascript - 如何使用样式化组件 onClick 更改 css 属性?
- java - Java函数无法识别return语句
- ios - SwiftUI:创建 CoreData 对象后无法关闭工作表
- xcode - 催化剂:UIKit 中缺少 UIReferenceLibraryViewController?
- python - 什么是最好的 Pythonic 解决方案?