如何忽略c#Signal客户端中的https证书警告?
我正试图用无效证书连接到信号器服务器。毫不奇怪,我得到了以下错误:如何忽略c#Signal客户端中的https证书警告?,c#,signalr,C#,Signalr,我正试图用无效证书连接到信号器服务器。毫不奇怪,我得到了以下错误: System.Net.Http.HttpRequestException : An error occurred while sending the request. ----> System.Net.WebException : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS
System.Net.Http.HttpRequestException : An error occurred while sending the request.
----> System.Net.WebException : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
----> System.Security.Authentication.AuthenticationException : The remote certificate is invalid according to the validation procedure.
使用普通的.Net
HttpClient
可以使用具有ServerCertificateValidationCallback
委托的WebRequestHandler
构造它,允许您更改证书验证行为。SignalRHttpClient
似乎没有这些功能。您应该为ServerCertificateValidationCallback
事件注册一个方法
这段代码只是注册了一个匿名方法,该方法在触发事件时返回true
ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => true;
小心,这是一个全局设置。因此,所有ssl/tls请求信号器或http都将使用此设置。我相信我已经找到了一种方法,它似乎可以工作,但不像通常推荐的ServicePointManager.ServerCertificateValidationCallback方法那样是全局的。我首先创建了signer“DefaultHttpClient”类的一个子类,如下所示:
class CustomHttpClient : DefaultHttpClient
{
private readonly System.Net.Security.RemoteCertificateValidationCallback _serverCertificateValidationCallback;
public CustomHttpClient (System.Net.Security.RemoteCertificateValidationCallback serverCertificateValidationCallback) : base()
{
this._serverCertificateValidationCallback = serverCertificateValidationCallback;
}
protected override HttpMessageHandler CreateHandler()
{
var rv = base.CreateHandler() as WebRequestHandler;
if (this._serverCertificateValidationCallback != null)
rv.ServerCertificateValidationCallback = this._serverCertificateValidationCallback;
return rv;
}
}
var hubConnection = new HubConnection("my server url");
var myHub = hubConnection.CreateHubProxy("my hub name");
hubConnection.Start(new CustomHttpClient((sender, certificate, chain, sslPolicyErrors) =>
{
//put some validation logic here if you want to.
return true;
}));
现在,当我在HubConnection实例上调用“Start”时,我可以使用自定义HttpClient实现,如下所示:
class CustomHttpClient : DefaultHttpClient
{
private readonly System.Net.Security.RemoteCertificateValidationCallback _serverCertificateValidationCallback;
public CustomHttpClient (System.Net.Security.RemoteCertificateValidationCallback serverCertificateValidationCallback) : base()
{
this._serverCertificateValidationCallback = serverCertificateValidationCallback;
}
protected override HttpMessageHandler CreateHandler()
{
var rv = base.CreateHandler() as WebRequestHandler;
if (this._serverCertificateValidationCallback != null)
rv.ServerCertificateValidationCallback = this._serverCertificateValidationCallback;
return rv;
}
}
var hubConnection = new HubConnection("my server url");
var myHub = hubConnection.CreateHubProxy("my hub name");
hubConnection.Start(new CustomHttpClient((sender, certificate, chain, sslPolicyErrors) =>
{
//put some validation logic here if you want to.
return true;
}));
这将允许您根据自己的需要验证服务器证书,但将作用域保留在当前的HubConnection上,而不会影响应用程序的所有HTTP流量。谢谢。全局性不是很好,但我正在测试程序集中使用它,所以它已经足够好了。这对.NETCore不起作用。要在使用SignalR时始终验证.NET Core中的SSL,请参阅这必须适用于.NET Framework版本。正在为Core flavor寻找类似的解决方案