您有两种选择。第一种选择是使用ServicePointManager类。您是正确的,它可以管理所有服务点,但是您可以在回调方法中使用“sender”参数来区分不同的服务点:
void SomeMethod()
{
ServicePointManager.ServerCertificateValidationCallback +=
ValidateServerCertificate;
var url = "https://mail.google.com/mail/?shva=1#inbox";
var request = (HttpWebRequest)WebRequest.Create(url);
request.GetResponse();
}
private static bool ValidateServerCertificate(object sender,
X509Certificate certificate, X509Chain chain,
SslPolicyErrors sslpolicyerrors)
{
if(sender is HttpWebRequest)
{
var request = (HttpWebRequest) sender;
if(request.RequestUri.ToString() == "https://mail.google.com/mail/?shva=1#inbox")
{
return (certificate.GetPublicKeyString() == "The public key string you expect");
}
}
return true;
}
这个选项适用于手动创建的HttpWebRequest和WCF创建的请求,因为“sender”对于两者都是HttpWebRequest。我不确定“sender”是否会是除了HttpWebRequest之外的其他内容。
第二个选项是直接从服务点获取证书:
void SomeMethod()
{
ServicePointManager.ServerCertificateValidationCallback +=
ValidateServerCertificate;
var url = "https://mail.google.com/mail/?shva=1#inbox";
var request = (HttpWebRequest)WebRequest.Create(url);
request.GetResponse();
var serverCert = request.ServicePoint.Certificate;
}
我不确定是否可以获取由WCF代理使用的ServicePoint。如果不行,这个选项对于WCF就行不通了。除此之外,最大的区别在于第一种选项在证书验证失败时防止连接,而第二种方法在连接建立后才进行验证。
如果你只需要确定请求是否经过代理:
var httpRequest = (HttpWebRequest)WebRequest.Create("someurl");
var isUsingProxy = DoesRequstUseProxy(request);
bool DoesRequestUseProxy(HttpWebRequest request)
{
if(request.Proxy == null)
{
return false;
}
return request.Proxy.GetProxy(request.RequestUri) != request.RequestUri;
}