ICertificatePolicy-Schnittstelle
Überprüft ein Serverzertifikat.
Namespace: System.Net
Assembly: System (in system.dll)
Syntax
'Declaration
Public Interface ICertificatePolicy
'Usage
Dim instance As ICertificatePolicy
public interface ICertificatePolicy
public interface class ICertificatePolicy
public interface ICertificatePolicy
public interface ICertificatePolicy
Hinweise
Mit der ICertificatePolicy-Schnittstelle wird in Anwendungen eine benutzerdefinierte Validierung von Sicherheitszertifikaten ermöglicht. In der Standardrichtlinie sind sowohl gültige Zertifikate als auch gültige, aber abgelaufene Zertifikate zulässig. Diese Richtlinie kann geändert werden, indem die ICertificatePolicy-Schnittstelle mit einer anderen Richtlinie implementiert und diese Richtlinie dann ServicePointManager.CertificatePolicy zugewiesen wird.
ICertificatePolicy verwendet SSPI (Security Support Provider Interface). Weitere Informationen hierzu finden Sie in MSDN in der Dokumentation zu SSPI.
Beispiel
Im folgenden Beispiel wird eine Richtlinie für Zertifikate erstellt, die für jedes mit Zertifikaten auftretende Problem false zurückgibt und auf der Konsole in einer Meldung auf das Problem hinweist. Der Rückgabewert stammt aus dem statischen Feld DefaultValidate, das mit false vorbelegt ist; wird dieses Feld auf true gesetzt, akzeptiert die Richtlinie jedes gemeldete Zertifikatsproblem. Mit der CertificateProblem-Enumeration werden SSPI-Konstanten für Zertifikatsprobleme definiert, und mit der privaten GetProblemMessage-Methode wird ein Meldungstext über das Problem erstellt.
' Names for the certificate problem codes that the sample policy reports.
' Every member holds the unsigned 32-bit code (0x800B01xx) as a positive Long;
' the L suffix keeps the hexadecimal literal from being read as a negative Integer.
' NOTE(review): the values look like the Windows CERT_E_* HRESULTs - confirm.
Public Enum CertificateProblem As Long
    CertEXPIRED = &H800B0101L               ' 2148204801
    CertVALIDITYPERIODNESTING = &H800B0102L ' 2148204802
    CertROLE = &H800B0103L                  ' 2148204803
    CertPATHLENCONST = &H800B0104L          ' 2148204804
    CertCRITICAL = &H800B0105L              ' 2148204805
    CertPURPOSE = &H800B0106L               ' 2148204806
    CertISSUERCHAINING = &H800B0107L        ' 2148204807
    CertMALFORMED = &H800B0108L             ' 2148204808
    CertUNTRUSTEDROOT = &H800B0109L         ' 2148204809
    CertCHAINING = &H800B010AL              ' 2148204810
    CertREVOKED = &H800B010CL               ' 2148204812
    CertUNTRUSTEDTESTROOT = &H800B010DL     ' 2148204813
    CertREVOCATION_FAILURE = &H800B010EL    ' 2148204814
    CertCN_NO_MATCH = &H800B010FL           ' 2148204815
    CertWRONG_USAGE = &H800B0110L           ' 2148204816
    CertUNTRUSTEDCA = &H800B0112L           ' 2148204818
End Enum
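' Sample ICertificatePolicy implementation: writes every reported certificate
' problem to the console and answers with DefaultValidate.
Public Class MyCertificateValidation
    Implements ICertificatePolicy

    ' Default policy for certificate validation.
    ' CheckValidationResult returns this value for every call, whatever the
    ' problem code is. Setting it to True therefore accepts every reported
    ' certificate problem (expired, revoked, untrusted root, name mismatch, ...),
    ' so it should stay False outside of throwaway test code.
    Public Shared DefaultValidate As Boolean = False

    ' Logs the request URI, the raw problem code and its symbolic name, then
    ' returns DefaultValidate.
    '   srvPoint, cert - not used by this sample.
    '   request        - its RequestUri is written to the console.
    '   problem        - the problem code, delivered as a signed 32-bit Integer.
    ' NOTE(review): if the runtime also calls this method with problem = 0,
    ' the sample answers False for that case as well - confirm.
    Public Function CheckValidationResult(srvPoint As ServicePoint, _
            cert As X509Certificate, request As WebRequest, problem As Integer) _
            As Boolean Implements ICertificatePolicy.CheckValidationResult
        Console.WriteLine(("Certificate Problem with accessing " & _
            request.RequestUri.ToString()))
        Console.Write("Problem code 0x{0:X8},", problem)

        ' Codes such as 0x800B0101 are negative as an Integer. Converting them
        ' straight to the Long-based enum sign-extends the value, so no enum
        ' member ever matched and the name lookup always failed. Masking to
        ' the low 32 bits restores the unsigned code first.
        Dim problemCode As Long = CLng(problem) And &HFFFFFFFFL
        Console.WriteLine(GetProblemMessage(CType(problemCode, CertificateProblem)))

        Return DefaultValidate
    End Function

    ' Builds the message text for a problem code: the enum member name when
    ' the code is defined in CertificateProblem, a generic text otherwise.
    Private Function GetProblemMessage(Problem As CertificateProblem) As String
        Dim ProblemCodeName As String = System.Enum.GetName( _
            GetType(CertificateProblem), Problem)
        If ProblemCodeName Is Nothing Then
            Return "Unknown Certificate Problem"
        End If
        Return "-Certificateproblem:" & ProblemCodeName
    End Function
End Class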
/// <summary>
/// Names for the certificate problem codes that the sample policy reports.
/// </summary>
/// <remarks>
/// Each member holds the unsigned 32-bit code (0x800B01xx) as a positive
/// <see cref="long"/>. A signed <c>int</c> carrying the same bits is negative,
/// so it must be converted through <c>uint</c> before it is compared with
/// these members.
/// NOTE(review): the values look like the Windows CERT_E_* HRESULTs; confirm.
/// </remarks>
public enum CertificateProblem : long
{
    // Validity period and certificate contents.
    CertEXPIRED               = 0x800B0101,
    CertVALIDITYPERIODNESTING = 0x800B0102,
    CertROLE                  = 0x800B0103,
    CertPATHLENCONST          = 0x800B0104,
    CertCRITICAL              = 0x800B0105,
    CertPURPOSE               = 0x800B0106,
    CertISSUERCHAINING        = 0x800B0107,
    CertMALFORMED             = 0x800B0108,

    // Chain building, trust and revocation.
    CertUNTRUSTEDROOT         = 0x800B0109,
    CertCHAINING              = 0x800B010A,
    CertREVOKED               = 0x800B010C,
    CertUNTRUSTEDTESTROOT     = 0x800B010D,
    CertREVOCATION_FAILURE    = 0x800B010E,

    // Name and usage checks.
    CertCN_NO_MATCH           = 0x800B010F,
    CertWRONG_USAGE           = 0x800B0110,
    CertUNTRUSTEDCA           = 0x800B0112
}
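/// <summary>
/// Sample <see cref="ICertificatePolicy"/> that writes every reported certificate
/// problem to the console and answers with <see cref="DefaultValidate"/>.
/// </summary>
public class MyCertificateValidation : ICertificatePolicy
{
    // Default policy for certificate validation.
    // CheckValidationResult returns this value for every call, whatever the
    // problem code is. Setting it to true therefore accepts every reported
    // certificate problem (expired, revoked, untrusted root, name mismatch, ...),
    // so it should stay false outside of throwaway test code.
    public static bool DefaultValidate = false;

    /// <summary>
    /// Logs the request URI, the raw problem code and its symbolic name, then
    /// returns <see cref="DefaultValidate"/>.
    /// </summary>
    /// <param name="sp">Not used by this sample.</param>
    /// <param name="cert">Not used by this sample.</param>
    /// <param name="request">Request whose <c>RequestUri</c> is written to the console.</param>
    /// <param name="problem">Problem code, delivered as a signed 32-bit value.</param>
    /// <returns>The current value of <see cref="DefaultValidate"/>.</returns>
    /// <remarks>
    /// NOTE(review): if the runtime also calls this method with <c>problem == 0</c>,
    /// the sample answers false for that case as well; confirm.
    /// </remarks>
    public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,
        WebRequest request, int problem)
    {
        Console.WriteLine("Certificate Problem with accessing " +
            request.RequestUri);
        Console.Write("Problem code 0x{0:X8},", problem);

        // Codes such as 0x800B0101 are negative as an int. Casting them straight
        // to the long-based enum sign-extends the value, so no enum member ever
        // matched and the name lookup always failed. Going through uint restores
        // the unsigned code; unchecked keeps this working in checked builds.
        CertificateProblem code = (CertificateProblem)unchecked((uint)problem);
        Console.WriteLine(GetProblemMessage(code));

        return DefaultValidate;
    }

    /// <summary>
    /// Builds the message text for a problem code: the enum member name when the
    /// code is defined in <see cref="CertificateProblem"/>, a generic text otherwise.
    /// </summary>
    private String GetProblemMessage(CertificateProblem Problem)
    {
        String ProblemCodeName = Enum.GetName(typeof(CertificateProblem), Problem);
        if (ProblemCodeName == null)
        {
            return "Unknown Certificate Problem";
        }
        return "-Certificateproblem:" + ProblemCodeName;
    }
}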
// Names for the certificate problem codes that the sample policy reports.
// The underlying type is UInt32, so each member holds the 32-bit code
// (0x800B01xx) as an unsigned value.
// NOTE(review): the values look like the Windows CERT_E_* HRESULTs; confirm.
public enum class CertificateProblem : UInt32
{
   // Validity period and certificate contents.
   CertEXPIRED               = 0x800B0101,
   CertVALIDITYPERIODNESTING = 0x800B0102,
   CertROLE                  = 0x800B0103,
   CertPATHLENCONST          = 0x800B0104,
   CertCRITICAL              = 0x800B0105,
   CertPURPOSE               = 0x800B0106,
   CertISSUERCHAINING        = 0x800B0107,
   CertMALFORMED             = 0x800B0108,

   // Chain building, trust and revocation.
   CertUNTRUSTEDROOT         = 0x800B0109,
   CertCHAINING              = 0x800B010A,
   CertREVOKED               = 0x800B010C,
   CertUNTRUSTEDTESTROOT     = 0x800B010D,
   CertREVOCATION_FAILURE    = 0x800B010E,

   // Name and usage checks.
   CertCN_NO_MATCH           = 0x800B010F,
   CertWRONG_USAGE           = 0x800B0110,
   CertUNTRUSTEDCA           = 0x800B0112
};
// Sample ICertificatePolicy implementation: writes every reported certificate
// problem to the console and answers with DefaultValidate.
public ref class MyCertificateValidation: public ICertificatePolicy
{
public:
   // Default policy for certificate validation.
   // CheckValidationResult returns this value for every call, whatever the
   // problem code is, so a value of true accepts every reported certificate
   // problem. Keep it false outside of throwaway test code.
   static bool DefaultValidate = false;

   // Logs the request URI, the raw problem code and its symbolic name, then
   // returns DefaultValidate. The service point and certificate arguments are
   // not used by this sample.
   virtual bool CheckValidationResult( ServicePoint^ /*sp*/, X509Certificate^ /*cert*/, WebRequest^ request, int problem )
   {
      Console::WriteLine( "Certificate Problem with accessing {0}", request->RequestUri );
      Console::Write( "Problem code 0x{0:X8},", problem );

      // The enum is UInt32-based, so the cast keeps the 32-bit pattern of the
      // signed problem code.
      CertificateProblem problemCode = (CertificateProblem)problem;
      Console::WriteLine( GetProblemMessage( problemCode ) );

      return DefaultValidate;
   }

private:
   // Builds the message text for a problem code: the enum member name when the
   // code is defined in CertificateProblem, a generic text otherwise.
   String^ GetProblemMessage( CertificateProblem Problem )
   {
      String^ codeName = Enum::GetName( CertificateProblem::typeid, Problem );
      if ( codeName == nullptr )
      {
         return "Unknown Certificate Problem";
      }
      return String::Concat( "", "-Certificateproblem:", codeName );
   }
};
/**
 * Certificate problem codes used by the sample policy, with a lookup from a
 * code to its symbolic name.
 *
 * The codes are stored as signed 32-bit ints, so every constant is negative;
 * they compare equal to the int problem code the policy receives.
 * NOTE(review): the values look like the Windows CERT_E_* HRESULTs; confirm.
 */
public class CertificateProblem
{
    public static final int certEXPIRED = 0x800B0101;
    public static final int certVALIDITYPERIODNESTING = 0x800B0102;
    public static final int certROLE = 0x800B0103;
    public static final int certPATHLENCONST = 0x800B0104;
    public static final int certCRITICAL = 0x800B0105;
    public static final int certPURPOSE = 0x800B0106;
    public static final int certISSUERCHAINING = 0x800B0107;
    public static final int certMALFORMED = 0x800B0108;
    public static final int certUNTRUSTEDROOT = 0x800B0109;
    public static final int certCHAINING = 0x800B010A;
    public static final int certREVOKED = 0x800B010C;
    public static final int certUNTRUSTEDTESTROOT = 0x800B010D;
    public static final int certREVOCATION_FAILURE = 0x800B010E;
    public static final int certCN_NO_MATCH = 0x800B010F;
    public static final int certWRONG_USAGE = 0x800B0110;
    public static final int certUNTRUSTEDCA = 0x800B0112;

    /**
     * Returns the symbolic name of a problem code.
     *
     * @param problem the problem code to look up
     * @return the name for a code declared above, or null for any other value
     */
    public String GetEnumCertificateProblem(int problem)
    {
        String name;
        switch (problem) {
            case certEXPIRED:
                // Spelled "CertExpired", unlike the all-caps suffix of the other names.
                name = "CertExpired";
                break;
            case certVALIDITYPERIODNESTING:
                name = "CertVALIDITYPERIODNESTING";
                break;
            case certROLE:
                name = "CertROLE";
                break;
            case certPATHLENCONST:
                name = "CertPATHLENCONST";
                break;
            case certCRITICAL:
                name = "CertCRITICAL";
                break;
            case certPURPOSE:
                name = "CertPURPOSE";
                break;
            case certISSUERCHAINING:
                name = "CertISSUERCHAINING";
                break;
            case certMALFORMED:
                name = "CertMALFORMED";
                break;
            case certUNTRUSTEDROOT:
                name = "CertUNTRUSTEDROOT";
                break;
            case certCHAINING:
                name = "CertCHAINING";
                break;
            case certREVOKED:
                name = "CertREVOKED";
                break;
            case certUNTRUSTEDTESTROOT:
                name = "CertUNTRUSTEDTESTROOT";
                break;
            case certREVOCATION_FAILURE:
                name = "CertREVOCATION_FAILURE";
                break;
            case certCN_NO_MATCH:
                name = "CertCN_NO_MATCH";
                break;
            case certWRONG_USAGE:
                name = "CertWRONG_USAGE";
                break;
            case certUNTRUSTEDCA:
                name = "CertUNTRUSTEDCA";
                break;
            default:
                // Not one of the codes declared in this class.
                name = null;
                break;
        }
        return name;
    }//GetEnumCertificateProblem
}//CertificateProblem
/**
 * Sample ICertificatePolicy implementation (J#): writes every reported
 * certificate problem to the console and answers with defaultValidate.
 */
public class MyCertificateValidation implements ICertificatePolicy
{
    // Default policy for certificate validation.
    // CheckValidationResult returns this value for every call, whatever the
    // problem code is, so a value of true accepts every reported certificate
    // problem. Keep it false outside of throwaway test code.
    public static boolean defaultValidate = false;

    /**
     * Logs the request URI, the raw problem code and its symbolic name, then
     * returns defaultValidate. The sp and cert arguments are not used.
     */
    public boolean CheckValidationResult(ServicePoint sp, X509Certificate cert,
        WebRequest request, int problem)
    {
        Console.WriteLine(("Certificate Problem with accessing "
            + request.get_RequestUri()));

        // The code is formatted to hexadecimal text before it is passed on.
        String hexCode = ((System.Int32)(problem)).ToString("X8");
        Console.Write("Problem code 0x{0:X8},", hexCode);

        Console.WriteLine(GetProblemMessage(problem));
        return defaultValidate;
    } //CheckValidationResult

    /**
     * Builds the message text for a problem code: the symbolic name when
     * CertificateProblem knows the code, a generic text otherwise.
     */
    private String GetProblemMessage(int problem)
    {
        String problemCodeName =
            new CertificateProblem().GetEnumCertificateProblem(problem);
        if (problemCodeName == null) {
            return "Unknown Certificate Problem";
        }
        return "" + "-Certificateproblem:" + problemCodeName;
    } //GetProblemMessage
} //MyCertificateValidation
Plattformen
Windows 98, Windows 2000 SP4, Windows CE, Windows Millennium Edition, Windows Mobile für Pocket PC, Windows Mobile für Smartphone, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
.NET Framework unterstützt nicht alle Versionen sämtlicher Plattformen. Eine Liste der unterstützten Versionen finden Sie unter Systemanforderungen.
Versionsinformationen
.NET Framework
Unterstützt in: 2.0, 1.1, 1.0
.NET Compact Framework
Unterstützt in: 2.0, 1.0