2010-07-22 208 views
4

給定一個url或服務器名稱,如何使用powershell或.net庫來下載Web服務器正在使用的(過期)證書,然後將其保存到文件或將其導入到我的證書存儲中?TrustAllCertificatesCallback被忽略

謝謝!

我已經取得了進步,我得到這個遠在這個問題上:

static class Program 
    { 
     static void Main() 
     { 
      ServicePointManager.ServerCertificateValidationCallback = TrustAllCertificatesCallback; 
      var tcpclient = new TcpClient("remote.example.com", 443); 
      var tcpstream = tcpclient.GetStream(); 
      var sslstream = new SslStream(tcpstream); 
      sslstream.AuthenticateAsClient("remote.example.com"); 
      X509Certificate rc = sslstream.RemoteCertificate; 
      Console.WriteLine(rc.ToString()); 
      Console.ReadLine(); 
     } 

     public static bool TrustAllCertificatesCallback(
      object sender, X509Certificate cert, 
      X509Chain chain, System.Net.Security.SslPolicyErrors errors) 
     { 
      return true; 
     } 
    } 

現在,當我運行這個程序,我上AuthenticateAsClient線的的AuthenticationException,它說「的遠程證書是根據無效驗證程序「。我在return true;上運行了一個斷點,它從來不叫TrustAllCertificatesCallback。我認爲程序集有權限或配置問題,有誰知道如何解決它?

回答

9

我還沒有做過這樣的事情,但看着例子,我想我可以看到什麼是錯的。試試這個代碼:

static class Program 
{ 
    static void Main() 
    { 
     var tcpclient = new TcpClient("remote.example.com", 443); 
     var tcpstream = tcpclient.GetStream(); 
     var sslstream = new SslStream(tcpstream, false, new RemoteCertificateValidationCallback (TrustAllCertificatesCallback)); 
     sslstream.AuthenticateAsClient("remote.example.com"); 
     X509Certificate rc = sslstream.RemoteCertificate; 
     Console.WriteLine(rc.ToString()); 
     Console.ReadLine(); 
    } 

    public static bool TrustAllCertificatesCallback(
     object sender, X509Certificate cert, 
     X509Chain chain, System.Net.Security.SslPolicyErrors errors) 
    { 
     return true; 
    } 
} 
+0

就是這樣!謝謝! – Segfault 2010-10-21 13:23:29

+2

PoshCode上有一個[SSL Oblivious Web Client] [1],還有[Get-Cert] [2],它實際上獲得證書而不是隻信任所有的證書。 [1]:http://poshcode.org/624 [2]:http://poshcode.org/69 – Jaykul 2010-10-25 14:05:26

+0

非常有幫助謝謝! – ojblass 2014-03-18 18:36:44