什么是用C＃处理非验证SSL证书的最佳方式

本文介绍了什么是用C＃处理非验证SSL证书的最佳方式的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我用下面的代码，以确保所有证书传球，甚至是无效的，但我想知道是否有更好的方法，作为本次活动得到全球打来电话，我只想证书通过了某些HTTP调用，而不是为异步发生的任何其他人。

I'm using the following code to make sure all certificates pass, even invalid ones, but I would like to know if there is a better way, as this event gets called globally and I only want the certificate to pass for a certain HTTP call and not for any others that are happening asynchronously.

// This delegate makes sure that non-validating SSL certificates are passed ServicePointManager.ServerCertificateValidationCallback = delegate(object certsender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error) { return true; };

上面的代码只是忽略证书上的任何非验证的一个例子。说我遇到的问题是，它是一个全球事件。我不能看到事件发生的哪个会话。我可能有一对夫妇的HTTP请求经历的，我想询问用户为每个请求的动作

The code above is just an example of ignoring any non-validation on the certificate. The problem that I'm having is that it is a global event. I can't see which session the event is happening for. I might have a couple of http requests going through and I want to ask the user for an action for each request.

推荐答案

怎么样的 certsender 参数？它是否包含任何明智的，这样你可以告诉回调发生什么连接呢？我查了.NET API，但它并没有说什么说法应该包含...

What about the certsender argument? Does it contain anything sensible so that you can tell what connection the callback is happening for? I checked the .NET API but it doesn't say what the argument is supposed to contain...