logo标签列表

忽略无效的SSL证书。

c#.netasp.net-mvc-3svnssl
11

我正在尝试从我们的子版本中打印日志消息。但是我在绕过无效的SSL证书方面遇到了困难。这是错误信息:

OPTIONS of 'https://xxxxx/svn/SiteFabrics/trunk/AppLaunch/Bloc/Frontend': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://xxxx)

我的忽略证书错误的尝试是添加了这一行:

ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;

然而,这并没有产生任何影响,因为 .net 错误仍然是相同的。以下是代码,请问有人能看出我做错了什么吗?

        using (SvnClient client = new SvnClient())
        {
            Collection<SvnLogEventArgs> list;
            client.Authentication.DefaultCredentials = new NetworkCredential("user", "pass");

            ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;

            SvnLogArgs la = new SvnLogArgs(); //{ Start=128; End=132; };
            client.LoadConfiguration(Path.Combine(Path.GetTempPath(), "Svn"), true);
            client.GetLog(new Uri("https://[svnurl]"), la, out list);
            ViewBag.SVNLog = list;
        }
你看过这篇帖子吗?:https://dev59.com/SHA75IYBdhLWcg3wy8br - Tomas
在最近的SharpSvn版本中,您可以使用.UseDefaultConfiguration()代替.LoadConfiguration来避免使用临时目录。 - Bert Huijben
6个回答
3
找到了解决这个问题的方法:
首先添加这个:
        static void SVN_SSL_Override(object sender, SharpSvn.Security.SvnSslServerTrustEventArgs e)
    {
        e.AcceptedFailures = e.Failures;
        e.Save = true;
    }

然后替换我的原始魔法行:
            ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;

使用这个:
client.Authentication.SslServerTrustHandlers += new EventHandler<SharpSvn.Security.SvnSslServerTrustEventArgs>(SVN_SSL_Override);
0
基本上与上面的答案差不多,只需将回调作为委托传递即可。你可以试一试,也许对你有用。
ServicePointManager.ServerCertificateValidationCallback = delegate(object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; };
0
private void GetClaimParams(string targetUrl, out string loginUrl, out Uri navigationEndUrl)
        {
HttpWebRequest webRequest = null;
            WebResponse response = null;
            webRequest = (HttpWebRequest)WebRequest.Create(targetUrl);
            webRequest.Method = Constants.WR_METHOD_OPTIONS;
            #if DEBUG
                ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(IgnoreCertificateErrorHandler);
            #endif
            try
            {
                response = (WebResponse)webRequest.GetResponse();
                ExtraHeadersFromResponse(response, out loginUrl, out navigationEndUrl);
            }
            catch (WebException webEx)
            {
                ExtraHeadersFromResponse(webEx.Response, out loginUrl, out navigationEndUrl);
            }
}



#if DEBUG
        private bool IgnoreCertificateErrorHandler
           (object sender,
           System.Security.Cryptography.X509Certificates.X509Certificate certificate,
           System.Security.Cryptography.X509Certificates.X509Chain chain,
           System.Net.Security.SslPolicyErrors sslPolicyErrors)
        {
            return true;
        }
#endif // DEBUG
0

我正在使用这个...你可以试试:

//As given in the url to handle invalid SSL : http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

                ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertificatePolicy.CheckValidationResult);
0

也可以使用lambda表达式(这里是VB):

AddHandler client.Authentication.SslServerTrustHandlers, Sub(ssender As Object, ev As SharpSvn.Security.SvnSslServerTrustEventArgs)
  ev.AcceptedFailures = ev.Failures
  ev.Save = True
End Sub
0

您可以使用 SVN UI(如 tortoisesvn)连接到存储库一次,并接受不良的 SSL 证书,然后它将正常工作。虽然不是代码修复,但在您的情况下可能有效。在我的情况下有效。

把证书颁发机构添加到你信任的认证机构列表中,这样安全性会更好,比接受任何证书都要好。 - Paciv
1
这正是 .SslServerTrustHandlers 实现所做的,通过设置 .Save = true。但仅仅保存可能行不通,因为在调用 .LoadConfiguration() 时未使用默认配置位置。 - Bert Huijben
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接