我正在寻找一种使用VB.NET验证(或绕过验证)自签名SSL证书的方法。我在C#中找到了这样做的代码,并尝试将其转换为VB代码,但我没有任何运气。
下面是C#代码:How do I use WebRequest to access an SSL encrypted site using https?
这是我尝试过的:
Imports System
Imports System.Net
Imports System.Security.Cryptography.X509Certificates
Public Class clsSSL
Public Function AcceptAllCertifications(ByVal sender As Object, ByVal certification As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean
Return True
End Function
End Class
然后在WebRequest
之前,我有这行代码,它给了我一个错误。
ServicePointManager.ServerCertificateValidationCallback =
New System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications)
错误消息为:
'System.Net.Security.RemoteCertificateValidationCallback‘委托
需要'AddressOf’表达式或λ表达式作为其构造函数的唯一参数。
发布于 2011-05-14 05:36:29
在VB.Net中,您需要编写
ServicePointManager.ServerCertificateValidationCallback = AddressOf AcceptAllCertifications
发布于 2018-03-06 16:08:00
一行:
System.Net.ServicePointManager.ServerCertificateValidationCallback = _
Function(se As Object, _
cert As System.Security.Cryptography.X509Certificates.X509Certificate, _
chain As System.Security.Cryptography.X509Certificates.X509Chain, _
sslerror As System.Net.Security.SslPolicyErrors) True
致谢给
发布于 2021-03-10 14:36:49
这里的所有答案都盲目地接受任何证书。这是一个安全漏洞。
在实现ServicePointManager.ServerCertificateValidation
callback时,应该验证证书。例如通过对照已知值检查证书的散列:
Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
ServicePointManager.ServerCertificateValidationCallback =
Function(sender As Object, certificate As X509Certificate, chain As X509Chain,
errors As SslPolicyErrors)
Return _
(errors = SslPolicyErrors.None) Or
certificate.GetCertHashString(HashAlgorithmName.SHA256).Equals(
"EB8E0B28AE064ED58CBED9DAEB46CFEB3BD7ECA67737179E3C85BC3CD09D4EEC")
End Function
对于X509Certificate.GetCertHashString
overload that takes HashAlgorithmName.SHA256
,您需要.NET 4.8。在较旧的版本中,使用返回SHA-1散列的the parameter-less overload。
基于
有关代码的C#版本,请参阅。
https://stackoverflow.com/questions/5998004
复制相似问题