如何关闭 WCF 服务客户端的证书吊销?

发布于 2024-07-07 11:20:18 字数 74 浏览 13 评论 0原文

如何关闭 WCF 服务客户端的证书吊销? 客户端代理由 wsdl.exe 生成并继承 SoapHttpClientProtocol。

How can I turn off certificate revocation for a WCF service's client?
The client proxy was generated by wsdl.exe and inherits SoapHttpClientProtocol.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

妖妓 2024-07-14 11:20:18

我认为您正在寻找 ServicePointManager.ServerCertificateValidationCallback

http://msdn.microsoft.com /en-gb/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

它需要一个 RemoteCertificateValidationCallback 委托:

http://msdn.microsoft.com /en-gb/library/system.net.security.remotecertificatevalidationcallback.aspx

我以前从未处理过吊销的证书(我可以处理其他问题,例如过期的 SSL),但我猜你只是做类似的事情:

class Program
{
    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback +=
            new RemoteCertificateValidationCallback(ValidateCertificate);

        // Do WCF calls...
    }

    public static bool ValidateCertificate(object sender, X509Certificate cert, 
                              X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
        {
            foreach(X509ChainStatus chainStatus in chain.ChainStatus)
            {
                if(chainStatus.Status == X509ChainStatusFlags.Revoked)
                {
                    return true;
                }
            }
        }
        
        /* 
         WARNING!
     
         You should perform other cert validation checks here and not blindly 
         override your cert validation by returning true.

         Otherwise the secure channel between your client and service
         may not be secure.

        */

        return false;
    }
}

I think you're looking for ServicePointManager.ServerCertificateValidationCallback:

http://msdn.microsoft.com/en-gb/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

Which takes a RemoteCertificateValidationCallback Delegate:

http://msdn.microsoft.com/en-gb/library/system.net.security.remotecertificatevalidationcallback.aspx

I've never dealt with a revoked certificate before (I have hand to handle other issues such as expired SSL's), but I'm guessing you'd just do something like:

class Program
{
    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback +=
            new RemoteCertificateValidationCallback(ValidateCertificate);

        // Do WCF calls...
    }

    public static bool ValidateCertificate(object sender, X509Certificate cert, 
                              X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
        {
            foreach(X509ChainStatus chainStatus in chain.ChainStatus)
            {
                if(chainStatus.Status == X509ChainStatusFlags.Revoked)
                {
                    return true;
                }
            }
        }
        
        /* 
         WARNING!
     
         You should perform other cert validation checks here and not blindly 
         override your cert validation by returning true.

         Otherwise the secure channel between your client and service
         may not be secure.

        */

        return false;
    }
}
简单 2024-07-14 11:20:18

您可以在应用程序的配置文件中设置证书验证和吊销选项:

You can set certificate validation and revocation options in the config file for your application:

http://www.request-response.com/blog/PermaLink,guid,e9bb929b-d0b4-4626-b302-1d2715fc344a.aspx

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文