ICertificatePolicy Interfejs

Definicja

Namespace:: System.Net

Montaż:: System.dll

Ważny

Niektóre informacje dotyczą produktów przedpremierowych, które mogą zostać znacznie zmodyfikowane przed premierą. Microsoft nie udziela żadnych gwarancji, ani wyraźnych, ani domniemanych, dotyczących informacji podanych tutaj.

Weryfikuje certyfikat serwera.

public interface class ICertificatePolicy

public interface ICertificatePolicy

type ICertificatePolicy = interface

Public Interface ICertificatePolicy

Przykłady

Poniższy przykład tworzy zasady certyfikatu, które zwracają false wszelkie problemy z certyfikatem i wyświetla komunikat wskazujący problem w konsoli programu . Wyliczenie CertificateProblem definiuje stałe SSPI pod kątem problemów z certyfikatem, a prywatna metoda GetProblemMessage tworzy drukowalny komunikat o problemie.

public enum class CertificateProblem : UInt32
{
   CertEXPIRED = 0x800B0101,
   CertVALIDITYPERIODNESTING = 0x800B0102,
   CertROLE = 0x800B0103,
   CertPATHLENCONST = 0x800B0104,
   CertCRITICAL = 0x800B0105,
   CertPURPOSE = 0x800B0106,
   CertISSUERCHAINING = 0x800B0107,
   CertMALFORMED = 0x800B0108,
   CertUNTRUSTEDROOT = 0x800B0109,
   CertCHAINING = 0x800B010A,
   CertREVOKED = 0x800B010C,
   CertUNTRUSTEDTESTROOT = 0x800B010D,
   CertREVOCATION_FAILURE = 0x800B010E,
   CertCN_NO_MATCH = 0x800B010F,
   CertWRONG_USAGE = 0x800B0110,
   CertUNTRUSTEDCA = 0x800B0112
};

public ref class MyCertificateValidation: public ICertificatePolicy
{
public:

   // Default policy for certificate validation.
   static bool DefaultValidate = false;
   virtual bool CheckValidationResult( ServicePoint^ /*sp*/, X509Certificate^ /*cert*/, WebRequest^ request, int problem )
   {
      bool ValidationResult = false;
      Console::WriteLine( "Certificate Problem with accessing {0}", request->RequestUri );
      Console::Write( "Problem code 0x{0:X8},", (int)problem );
      Console::WriteLine( GetProblemMessage( (CertificateProblem)problem ) );
      ValidationResult = DefaultValidate;
      return ValidationResult;
   }

private:
   String^ GetProblemMessage( CertificateProblem Problem )
   {
      String^ ProblemMessage = "";
      CertificateProblem problemList = CertificateProblem(  );
      String^ ProblemCodeName = Enum::GetName( problemList.GetType(), Problem );
      if ( ProblemCodeName != nullptr )
            ProblemMessage = String::Concat( ProblemMessage, "-Certificateproblem:", ProblemCodeName );
      else
            ProblemMessage = "Unknown Certificate Problem";

      return ProblemMessage;
   }
};

public  enum    CertificateProblem  : long
{
        CertEXPIRED                   = 0x800B0101,
        CertVALIDITYPERIODNESTING     = 0x800B0102,
        CertROLE                      = 0x800B0103,
        CertPATHLENCONST              = 0x800B0104,
        CertCRITICAL                  = 0x800B0105,
        CertPURPOSE                   = 0x800B0106,
        CertISSUERCHAINING            = 0x800B0107,
        CertMALFORMED                 = 0x800B0108,
        CertUNTRUSTEDROOT             = 0x800B0109,
        CertCHAINING                  = 0x800B010A,
        CertREVOKED                   = 0x800B010C,
        CertUNTRUSTEDTESTROOT         = 0x800B010D,
        CertREVOCATION_FAILURE        = 0x800B010E,
        CertCN_NO_MATCH               = 0x800B010F,
        CertWRONG_USAGE               = 0x800B0110,
        CertUNTRUSTEDCA               = 0x800B0112
}

public class MyCertificateValidation : ICertificatePolicy
{
    // Default policy for certificate validation.
    public static bool DefaultValidate = false;

    public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,
       WebRequest request, int problem)
    {
        bool ValidationResult=false;
        Console.WriteLine("Certificate Problem with accessing " +
           request.RequestUri);
        Console.Write("Problem code 0x{0:X8},",(int)problem);
        Console.WriteLine(GetProblemMessage((CertificateProblem)problem));

        ValidationResult = DefaultValidate;
        return ValidationResult;
    }

    private String GetProblemMessage(CertificateProblem Problem)
    {
        String ProblemMessage = "";
        CertificateProblem problemList = new CertificateProblem();
        String ProblemCodeName = Enum.GetName(problemList.GetType(),Problem);
        if(ProblemCodeName != null)
           ProblemMessage = ProblemMessage + "-Certificateproblem:" +
              ProblemCodeName;
        else
           ProblemMessage = "Unknown Certificate Problem";
        return ProblemMessage;
     }
}

Public Enum CertificateProblem As Long
    CertEXPIRED                   = 2148204801    ' 0x800B0101
    CertVALIDITYPERIODNESTING     = 2148204802    ' 0x800B0102
    CertROLE                      = 2148204803    ' 0x800B0103
    CertPATHLENCONST              = 2148204804    ' 0x800B0104
    CertCRITICAL                  = 2148204805    ' 0x800B0105
    CertPURPOSE                   = 2148204806    ' 0x800B0106
    CertISSUERCHAINING            = 2148204807    ' 0x800B0107
    CertMALFORMED                 = 2148204808    ' 0x800B0108
    CertUNTRUSTEDROOT             = 2148204809    ' 0x800B0109
    CertCHAINING                  = 2148204810    ' 0x800B010A
    CertREVOKED                   = 2148204812    ' 0x800B010C
    CertUNTRUSTEDTESTROOT         = 2148204813    ' 0x800B010D       
    CertREVOCATION_FAILURE        = 2148204814    ' 0x800B010E
    CertCN_NO_MATCH               = 2148204815    ' 0x800B010F
    CertWRONG_USAGE               = 2148204816    ' 0x800B0110
    CertUNTRUSTEDCA               = 2148204818     ' 0x800B0112
End Enum


Public Class MyCertificateValidation
    Implements ICertificatePolicy
    
    ' Default policy for certificate validation.
    Public Shared DefaultValidate As Boolean = False    
    
    Public Function CheckValidationResult(srvPoint As ServicePoint, _
       cert As X509Certificate, request As WebRequest, problem As Integer) _
       As Boolean Implements ICertificatePolicy.CheckValidationResult
       
        Dim ValidationResult As Boolean = False
        Console.WriteLine(("Certificate Problem with accessing " & _
           request.RequestUri.ToString()))
        Console.Write("Problem code 0x{0:X8},", CInt(problem))
        Console.WriteLine(GetProblemMessage(CType(problem, _
           CertificateProblem)))
        
        ValidationResult = DefaultValidate
        Return ValidationResult
    End Function    
    
    Private Function GetProblemMessage(Problem As CertificateProblem) As String
        Dim ProblemMessage As String = ""
        Dim problemList As New CertificateProblem()
        Dim ProblemCodeName As String = System.Enum.GetName( _
           problemList.GetType(), Problem)
        If Not (ProblemCodeName Is Nothing) Then
            ProblemMessage = ProblemMessage + "-Certificateproblem:" & _
               ProblemCodeName
        Else
            ProblemMessage = "Unknown Certificate Problem"
        End If
        Return ProblemMessage
    End Function
End Class

Uwagi

Interfejs ICertificatePolicy służy do zapewniania niestandardowej weryfikacji certyfikatu zabezpieczeń dla aplikacji. Domyślne zasady to zezwalanie na prawidłowe certyfikaty, a także prawidłowe certyfikaty, które wygasły. Aby zmienić te zasady, zaimplementuj ICertificatePolicy interfejs z innymi zasadami, a następnie przypisz te zasady do ServicePointManager.CertificatePolicy.

ICertificatePolicy używa interfejsu dostawcy obsługi zabezpieczeń (SSPI). Aby uzyskać więcej informacji, zobacz dokumentację SSPI w witrynie MSDN.

Metody

Nazwa	Opis
CheckValidationResult(ServicePoint, X509Certificate, WebRequest, Int32)	Weryfikuje certyfikat serwera.

Dotyczy

Sprzężenie zwrotne

Czy ta strona była pomocna?