.NET的SSL通信过程中,使用的证书可能存在各种问题,某种情况下可以忽略证书的错误继续访问。可以用下面的方式跳过服务器证书验证,完成正常通信。
1.设置回调属性ServicePointManager.ServerCertificateValidationCallback
注:这个属性设置为要用于客户端的服务器证书的自定义验证方法
True:认证成功; False:认证失败。
C#代码
ServicePointManager.ServerCertificateValidationCallback =
new RemoteCertificateValidationCallback(
OnRemoteCertificateValidationCallback);
VB.NET代码
ServicePointManager.ServerCertificateValidationCallback = _
New RemoteCertificateValidationCallback( _
AddressOf OnRemoteCertificateValidationCallback)
2.把证书认证函数OnRemoteCertificateValidationCallback返回值True
C#代码
// 忽略证书认证错误处理的函数
private bool OnRemoteCertificateValidationCallback(
Object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
return true; // 认证正常,没有错误
}
VB.NET代码
' 忽略证书认证错误处理的函数
Private Function OnRemoteCertificateValidationCallback( _
ByVal sender As Object, _
ByVal certificate As X509Certificate, _
ByVal chain As X509Chain, _
ByVal sslPolicyErrors As SslPolicyErrors _
) As Boolean
Return True ' 认证正常,没有错误
End Function