SSL certificate validation in C #

Question

SSL certificate validation in C #

I download files from FTPS server and the server sends me a certificate.

Microsoft states:

When no custom validation is used, the certificate name is compared to the hostname used to create the request. For example, if "Create (String)" was passed the parameter "https://www.contoso.com/default.hmtl", the default behavior is for the client to validate the certificate against www.contoso.com.

The certificate fails validation by default (RemoteCertificateNameMismatch). Right now I am using a ServicePointManager.ServerCertificateValidationCallback delegate and provide a delegate that returns true, just "pass" without any validation. How can I verify a certificate using C #?

One of the deggate parameters mentioned above, the X509Certificate, contains two public properties of interest: Issuer and Subject. Neither property contains data matching the hostname.

+3

c # validation certificate ssl

Rehnen 14 Mar At 12:54 pm

source to share

1 answer

slepox · Answer 1 · 2012-03-18T13:37:48+0000

Typically you should have a valid certificate against the correct hostname in order to pass validation instead of overwriting the callback. What target address did you use to access the FTP server? It should be different from the item according to your description. You can use the hostname to access the server instead of the current one. You can also install the client hosts file if you have DNS issues.

SSL certificate validation in C #

More articles: