| public ToString ( bool fVerbose ) : string | ||
| fVerbose | bool | |
| Результат | string | |
public virtual string ToString(bool fVerbose)
{
if (fVerbose == false || Pal == null)
return GetType().ToString();
StringBuilder sb = new StringBuilder();
// Subject
sb.AppendLine("[Subject]");
sb.Append(" ");
sb.AppendLine(Subject);
// Issuer
sb.AppendLine();
sb.AppendLine("[Issuer]");
sb.Append(" ");
sb.AppendLine(Issuer);
// Serial Number
sb.AppendLine();
sb.AppendLine("[Serial Number]");
sb.Append(" ");
byte[] serialNumber = GetSerialNumber();
Array.Reverse(serialNumber);
sb.Append(serialNumber.ToHexArrayUpper());
sb.AppendLine();
// NotBefore
sb.AppendLine();
sb.AppendLine("[Not Before]");
sb.Append(" ");
sb.AppendLine(FormatDate(GetNotBefore()));
// NotAfter
sb.AppendLine();
sb.AppendLine("[Not After]");
sb.Append(" ");
sb.AppendLine(FormatDate(GetNotAfter()));
// Thumbprint
sb.AppendLine();
sb.AppendLine("[Thumbprint]");
sb.Append(" ");
sb.Append(GetRawCertHash().ToHexArrayUpper());
sb.AppendLine();
return sb.ToString();
}
| X509Certificate::ToString ( ) : string |
public static bool CertValidationCallback(object sender,
System.Security.Cryptography.X509Certificates.X509Certificate cert,
System.Security.Cryptography.X509Certificates.X509Chain chain,
System.Net.Security.SslPolicyErrors polerrors)
{
if (polerrors == System.Net.Security.SslPolicyErrors.None)
{
return(true);
}
var certAsString = cert.ToString(true);
var request = (WebRequest)sender;
// Allow for the installer to download the CA cert via HTTPS as well
if (request.RequestUri.AbsolutePath.EndsWith("ca.cert.der") &&
certAsString.Contains(request.RequestUri.Host) &&
cert.Issuer.Equals("CN=FOG Server CA"))
{
return(true);
}
// great code from https://stackoverflow.com/a/37657252
if ((polerrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0)
{
if (chain?.ChainStatus != null)
{
foreach (var status in chain.ChainStatus)
{
if ((cert.Subject == cert.Issuer) &&
(status.Status == X509ChainStatusFlags.UntrustedRoot))
{
// Self-signed certificates with an untrusted root are fine
continue;
}
if (status.Status != X509ChainStatusFlags.NoError)
{
if (RSA.IsFromCA(RSA.ServerCertificate(), new X509Certificate2(cert)))
{
// Ok, Mono is simply tooo dump to use the CA cert from the store
// and we need to do this check manually
return(true);
}
Log.Entry(LogName, "SSL certificate chain error: " + status.StatusInformation);
return(false);
}
}
}
// When we get here the only errors in the certificate chain should be
// untrusted root errors for self-signed certificates. These certificates
// are valid e.g. for default Exchange server installations.
return(true);
}
Log.Entry(LogName, "SSL connection error: " + polerrors);
return(false);
}