How to validate SSL Certificate for Web request using ASP.NET Core

2
votes

I had implemented a method for getting the response from a REST API request(SSL based one : https://) using APS.NET core (System.Net.HttpWebRequest).

I need to ignore the certificate error which occurred while getting the WebResponse. I referred many blogs and got a solution of using ServicePointManager and used this below code

ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;

But in ASP.NET core there is no support for ServicePointManager. So please help me to resolve this issue only by means of HttpWebRequest not by means of HttpClient.

2
c#httpsasp.net-coreself-signedsystem.net.httpwebrequest

2 Answers

4
votes

.NET Core makes the ServerCertificateCustomValidationCallback delegate available for you to override. Example:

var handler = new HttpClientHandler();
handler.ServerCertificateCustomValidationCallback = delegate { return true; };
var http = new HttpClient(handler);
Console.WriteLine(http.GetAsync("https://expired.badssl.com/").GetAwaiter().GetResult());

Output:

StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  Server: nginx/1.10.0
  Server: (Ubuntu)
  Date: Mon, 06 Mar 2017 05:56:52 GMT
  Transfer-Encoding: chunked
  Connection: keep-alive
  ETag: W/"58924b62-1d5"
  Cache-Control: no-store
  Content-Type: text/html
  Last-Modified: Wed, 01 Feb 2017 20:56:02 GMT
}

Tested on Ubuntu 16.04 with .NET 1.0.0-preview2-1-003177. There is an open issue related to this working the same on MacOS.

-1
votes

Before calling the request:

ServicePointManager.ServerCertificateValidationCallback = new   
RemoteCertificateValidationCallback(validarCertificado);

...And include this function:

protected bool validarCertificado(Object sender,
                              X509Certificate certificado,
                              X509Chain cadena,
                              SslPolicyErrors sslErrores)
{
   return true;
}