当前位置: 文江博客 话题详情

在 VB.NET 中接受自签名 TLS/SSL 证书

发布于 2024-11-06 19:13:53 字数 1143 浏览 1 评论 0 原文

我正在寻找一种使用 VB.NET 验证(或绕过验证)自签名 SSL 证书的方法。我在 C# 中找到了执行此操作的代码,并尝试将其转换为 VB 代码,但我没有任何运气。

以下是 C# 代码: 如何使用 WebRequest 通过 https 访问 SSL 加密站点?

这是我尝试过的:

Imports System
Imports System.Net
Imports System.Security.Cryptography.X509Certificates

Public Class clsSSL
    Public Function AcceptAllCertifications(ByVal sender As Object, ByVal certification As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean
        Return True
    End Function
End Class

然后在 WebRequest 之前,我有这行代码,它给了我一个错误。

ServicePointManager.ServerCertificateValidationCallback =
    New System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications)

错误信息是:

委托“System.Net.Security.RemoteCertificateValidationCallback”需要“AddressOf”表达式或 lambda 表达式作为其构造函数的唯一参数。

原文

I'm searching for a way to validate (or bypass validation for) self-signed SSL certificates using VB.NET. I found code to do this in C# and tried converting it into VB code, but I'm not having any luck.

Here is the C# code: How do I use WebRequest to access an SSL encrypted site using https?

Here is what I tried:

Imports System
Imports System.Net
Imports System.Security.Cryptography.X509Certificates

Public Class clsSSL
    Public Function AcceptAllCertifications(ByVal sender As Object, ByVal certification As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean
        Return True
    End Function
End Class

Then before the WebRequest I have this line of code which gives me an error.

ServicePointManager.ServerCertificateValidationCallback =
    New System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications)

The error message is:

Delegate 'System.Net.Security.RemoteCertificateValidationCallback' requires an 'AddressOf' expression or lambda expression as the only argument to its constructor.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

清眉祭 2024-11-13 19:13:53

在VB.Net中,你需要写

ServicePointManager.ServerCertificateValidationCallback = AddressOf AcceptAllCertifications

In VB.Net, you need to write

ServicePointManager.ServerCertificateValidationCallback = AddressOf AcceptAllCertifications
回复 原文
冰火雁神 2024-11-13 19:13:53

一句话:

System.Net.ServicePointManager.ServerCertificateValidationCallback = _
  Function(se As Object, _
  cert As System.Security.Cryptography.X509Certificates.X509Certificate, _
  chain As System.Security.Cryptography.X509Certificates.X509Chain, _
  sslerror As System.Net.Security.SslPolicyErrors) True

归功于 罗比·坦迪恩

One-liner:

System.Net.ServicePointManager.ServerCertificateValidationCallback = _
  Function(se As Object, _
  cert As System.Security.Cryptography.X509Certificates.X509Certificate, _
  chain As System.Security.Cryptography.X509Certificates.X509Chain, _
  sslerror As System.Net.Security.SslPolicyErrors) True

Credits to Robby Tendean

回复 原文
世态炎凉 2024-11-13 19:13:53

这里的所有答案都盲目接受任何证书。这是一个安全缺陷。

实施 ServicePointManager.ServerCertificateValidation 时回调应该验证证书。例如,通过根据已知值检查证书的哈希值:

Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

ServicePointManager.ServerCertificateValidationCallback =
    Function(sender As Object, certificate As X509Certificate, chain As X509Chain,
             errors As SslPolicyErrors)
        Return _
            (errors = SslPolicyErrors.None) Or
            certificate.GetCertHashString(HashAlgorithmName.SHA256).Equals(
                "EB8E0B28AE064ED58CBED9DAEB46CFEB3BD7ECA67737179E3C85BC3CD09D4EEC")
    End Function

对于 X509Certificate.GetCertHashString 重载需要 HashAlgorithmName.SHA256,您需要 .NET 4.8。在旧版本上使用 返回 SHA-1 哈希值的无参数重载

基于当您知道无效证书是安全时测试 X509Certificate.Thumbprint 属性是否安全?

对于 C# 版本的代码,请参阅 FtpWebRequest“根据验证程序,远程证书无效”

All the answers here blindly accept any certificate. That's a security flaw.

When implementing ServicePointManager.ServerCertificateValidation callback one should validate the certificate. E.g. by checking certificate's hash against a known value:

Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

ServicePointManager.ServerCertificateValidationCallback =
    Function(sender As Object, certificate As X509Certificate, chain As X509Chain,
             errors As SslPolicyErrors)
        Return _
            (errors = SslPolicyErrors.None) Or
            certificate.GetCertHashString(HashAlgorithmName.SHA256).Equals(
                "EB8E0B28AE064ED58CBED9DAEB46CFEB3BD7ECA67737179E3C85BC3CD09D4EEC")
    End Function

For the X509Certificate.GetCertHashString overload that takes HashAlgorithmName.SHA256, you need .NET 4.8. On older versions use the parameter-less overload that returns an SHA-1 hash.

Based on Is it safe to test the X509Certificate.Thumbprint property when you know an invalid certificate is safe?

For C# version of the code, see FtpWebRequest "The remote certificate is invalid according to the validation procedure".

回复 原文
眸中客 2024-11-13 19:13:53

我不确定,但这应该有效:

ServicePointManager.ServerCertificateValidationCallback = _
      New RemoteCertificateValidationCallback(AddressOf AcceptAllCertifications)

http://msdn.microsoft.com/de-de/library/system.net.security.remotecertificatevalidationcallback%28VS.90%29.aspx

I'm not sure but this should work:

ServicePointManager.ServerCertificateValidationCallback = _
      New RemoteCertificateValidationCallback(AddressOf AcceptAllCertifications)

http://msdn.microsoft.com/de-de/library/system.net.security.remotecertificatevalidationcallback%28VS.90%29.aspx

回复 原文
死开点丶别碍眼 2024-11-13 19:13:53

在VB.Net中,

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls

解决了应用程序安全性较低的问题。

In VB.Net,

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls

solves the less secure apps problem.

回复 原文
凡间太子 2024-11-13 19:13:53

在 VB.Net 中

ServicePointManager.ServerCertificateValidationCallback = Function(s, c, h, e) True

In VB.Net

ServicePointManager.ServerCertificateValidationCallback = Function(s, c, h, e) True
回复 原文
~没有更多了~

关于作者

初吻给了烟

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文