C#从网站下载所有https证书
我想将URL中的所有证书保存到磁盘。比如说 如果我用Firefox浏览这个页面,我可以看到三个证书。 使用Firefox,我可以将它们全部导出并保存到磁盘 所以我想在C中这样做。 我开始使用以下代码获取证书C#从网站下载所有https证书,c#,ssl,server,certificate,x509certificate,C#,Ssl,Server,Certificate,X509certificate,我想将URL中的所有证书保存到磁盘。比如说 如果我用Firefox浏览这个页面,我可以看到三个证书。 使用Firefox,我可以将它们全部导出并保存到磁盘 所以我想在C中这样做。 我开始使用以下代码获取证书 /// <summary> /// Get and write certificate from URL into file in path /// </summary> /// <param name="_URL">UR
/// <summary>
/// Get and write certificate from URL into file in path
/// </summary>
/// <param name="_URL">URL of website with certficate</param>
/// <param name="_path">Path where you want to store certificate</param>
private static void SaveCertificate(String _URL, String _path)
{
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(_URL);
request.AllowAutoRedirect = false;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
X509Certificate2 cert = new X509Certificate2(request.ServicePoint.Certificate);
File.WriteAllText(_path, ExportToPEM(cert));
}
catch (Exception)
{
}
}
/// <summary>
/// Export a certificate to a PEM format string
/// </summary>
/// <param name="_cert">The certificate to export</param>
/// <returns>A PEM encoded string</returns>
public static string ExportToPEM(X509Certificate2 _cert)
{
StringBuilder builder = new StringBuilder();
try
{
builder.AppendLine("-----BEGIN CERTIFICATE-----");
builder.AppendLine(Convert.ToBase64String(_cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks));
builder.AppendLine("-----END CERTIFICATE-----");
}
catch (Exception)
{
}
return builder.ToString();
}
//
///从URL获取证书并将其写入路径中的文件
///
///带有证书的网站的URL
///要存储证书的路径
私有静态无效保存证书(字符串\u URL、字符串\u路径)
{
尝试
{
HttpWebRequest请求=(HttpWebRequest)WebRequest.Create(URL);
request.AllowAutoRedirect=false;
HttpWebResponse=(HttpWebResponse)request.GetResponse();
response.Close();
X509Certificate2 cert=新的X509Certificate2(request.ServicePoint.Certificate);
writealText(_path,ExportToPEM(cert));
}
捕获(例外)
{
}
}
///
///将证书导出为PEM格式字符串
///
///出口证明
///PEM编码的字符串
公共静态字符串导出项(X509Certificate2\u cert)
{
StringBuilder=新的StringBuilder();
尝试
{
builder.AppendLine(“----开始证书------”);
AppendLine(Convert.ToBase64String(_cert.Export(X509ContentType.cert),base64formatingoptions.InsertLineBreaks));
建造商。附录(“----最终证书------”);
}
捕获(例外)
{
}
返回builder.ToString();
}
我的问题是,如何从URL获取所有证书 获取证书链的一种方法是对
请求实施服务器CertificateValidationCallback
它是一个接受参数的函数:
(对象发送方、X509证书证书、X509链、SslPolicyErrors SslPolicyErrors)
这通常用于验证证书和链,但在本例中,我们只是使用它来访问证书链。这确实让人感觉很像黑客,但它应该会起作用。我已经根据您发布的代码实现了一个概念验证。代码将证书输出到控制台窗口
public static void Main(string[] args)
{
SaveCertificate("https://www.google.de", "");
}
/// <summary>
/// Get and write certificate from URL into file in path
/// </summary>
/// <param name="_URL">URL of website with certficate</param>
/// <param name="_path">Path where you want to store certificate</param>
private static void SaveCertificate(string url, string path)
{
var request = (HttpWebRequest)WebRequest.Create(url);
request.AllowAutoRedirect = false;
request.ServerCertificateValidationCallback = ServerCertificateValidationCallback;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
Console.ReadLine();
}
private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
foreach (var cer in chain.ChainElements)
{
Console.WriteLine(cer.Certificate.FriendlyName);
Console.WriteLine(ExportToPem(cer.Certificate));
}
return true;
}
/// <summary>
/// Export a certificate to a PEM format string
/// </summary>
/// <param name="_cert">The certificate to export</param>
/// <returns>A PEM encoded string</returns>
public static string ExportToPem(X509Certificate2 cert)
{
StringBuilder builder = new StringBuilder();
try
{
builder.AppendLine("-----BEGIN CERTIFICATE-----");
builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks));
builder.AppendLine("-----END CERTIFICATE-----");
}
catch (Exception)
{
}
return builder.ToString();
}
publicstaticvoidmain(字符串[]args)
{
保存证书(“https://www.google.de", "");
}
///
///从URL获取证书并将其写入路径中的文件
///
///带有证书的网站的URL
///要存储证书的路径
私有静态无效保存证书(字符串url、字符串路径)
{
var request=(HttpWebRequest)WebRequest.Create(url);
request.AllowAutoRedirect=false;
request.ServerCertificateValidationCallback=ServerCertificateValidationCallback;
HttpWebResponse=(HttpWebResponse)request.GetResponse();
response.Close();
Console.ReadLine();
}
私有静态布尔服务器CertificateValidationCallback(对象发送方、X509Certificate证书、X509Chain链、SslPolicyErrors SslPolicyErrors)
{
foreach(chain.ChainElements中的变量cer)
{
Console.WriteLine(cer.Certificate.FriendlyName);
控制台写入线(出口证书);
}
返回true;
}
///
///将证书导出为PEM格式字符串
///
///出口证明
///PEM编码的字符串
公共静态字符串导出项(X509Certificate2Cert)
{
StringBuilder=新的StringBuilder();
尝试
{
builder.AppendLine(“----开始证书------”);
AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.cert)、Base64FormattingOptions.InsertLineBreaks));
建造商。附录(“----最终证书------”);
}
捕获(例外)
{
}
返回builder.ToString();
}