0

我有一个连接到许多 URL 的多线程应用程序,并且只需要在某些线程上检查 SSL 证书。

我知道我可以使用ServicePointManager.ServerCertificateValidationCallback,但它可以在异步模式下同时跨所有线程工作。

我需要在连接到 URL 的函数的同步执行中的当前线程中进行检查。

有任何想法吗?

4

1 回答 1

1

您可以像这样定义请求和证书函数之间的映射:

// delegate definition for cert checking function
private delegate bool CertFunc(X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors);

// mapping between outbound requests and cert checking functions
private static readonly ConcurrentDictionary<HttpWebRequest, CertFunc> _certFuncMap = new ConcurrentDictionary<HttpWebRequest, CertFunc>();

// global cert callback
private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
  // call back into the cert checking function that is associated with this request
  var httpWebRequest = (HttpWebRequest)sender;
  CertFunc certFunc = _certFuncMap[httpWebRequest];
  return certFunc(certificate, chain, sslPolicyErrors);
}

然后在发出请求的代码中:

// register the global cert callback
ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;

// create the request object
var httpWebRequest = (HttpWebRequest)WebRequest.Create(requestUri);

// cert checking function
CertFunc certFunc = (certificate, chain, sslPolicyErrors) =>
{
  // perform cert logic here
  return true;
};
_certFuncMap[httpWebRequest] = certFunc;

using (var webResponse = httpWebRequest.GetResponse())
{
  // process the response...
}

// clean up the mapping
_certFuncMap.TryRemove(httpWebRequest, out certFunc);
于 2013-02-28T19:17:49.547 回答