在向远程web服务请求web服务期间,我得到以下错误:
无法为SSL/TLS安全通道建立信任关系。——> System.Security.Authentication.AuthenticationException:根据验证程序,远端证书无效。
是否有办法忽略此错误并继续?
远程证书似乎没有签名。
我连接到的站点是www.czebox.cz——所以请随意访问该站点,并注意即使浏览器也会抛出安全异常。
在向远程web服务请求web服务期间,我得到以下错误:
无法为SSL/TLS安全通道建立信任关系。——> System.Security.Authentication.AuthenticationException:根据验证程序,远端证书无效。
是否有办法忽略此错误并继续?
远程证书似乎没有签名。
我连接到的站点是www.czebox.cz——所以请随意访问该站点,并注意即使浏览器也会抛出安全异常。
当前回答
IgnoreBadCertificates方法:
//I use a method to ignore bad certs caused by misc errors
IgnoreBadCertificates();
// after the Ignore call i can do what ever i want...
HttpWebRequest request_data = System.Net.WebRequest.Create(urlquerystring) as HttpWebRequest;
/*
and below the Methods we are using...
*/
/// <summary>
/// Together with the AcceptAllCertifications method right
/// below this causes to bypass errors caused by SLL-Errors.
/// </summary>
public static void IgnoreBadCertificates()
{
System.Net.ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
}
/// <summary>
/// In Short: the Method solves the Problem of broken Certificates.
/// Sometime when requesting Data and the sending Webserverconnection
/// is based on a SSL Connection, an Error is caused by Servers whoes
/// Certificate(s) have Errors. Like when the Cert is out of date
/// and much more... So at this point when calling the method,
/// this behaviour is prevented
/// </summary>
/// <param name="sender"></param>
/// <param name="certification"></param>
/// <param name="chain"></param>
/// <param name="sslPolicyErrors"></param>
/// <returns>true</returns>
private static bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
return true;
}
其他回答
添加证书验证处理程序。返回true将允许忽略验证错误:
ServicePointManager
.ServerCertificateValidationCallback +=
(sender, cert, chain, sslPolicyErrors) => true;
这个代码对我有用。我必须添加TLS2,因为这是我感兴趣的URL正在使用的。
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
ServicePointManager.ServerCertificateValidationCallback +=
(sender, cert, chain, sslPolicyErrors) => { return true; };
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(UserDataUrl);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new
MediaTypeWithQualityHeaderValue("application/json"));
Task<string> response = client.GetStringAsync(UserDataUrl);
response.Wait();
if (response.Exception != null)
{
return null;
}
return JsonConvert.DeserializeObject<UserData>(response.Result);
}
这适用于。net Core。 调用Soap客户端:
client.ClientCredentials.ServiceCertificate.SslCertificateAuthentication =
new X509ServiceCertificateAuthentication()
{
CertificateValidationMode = X509CertificateValidationMode.None,
RevocationMode = X509RevocationMode.NoCheck
};
绕过SSL证书....
HttpClientHandler clientHandler = new HttpClientHandler();
clientHandler.ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => { return true; };
// Pass the handler to httpclient(from you are calling api)
var client = new HttpClient(clientHandler)
老了,但仍然有用……
实现相同行为的另一个好方法是通过配置文件(web.config)
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false" />
</settings>
</system.net>
注意:测试在。net full上。