Question

如何关闭WCF服务客户端的证书吊销？客户端代理由wsdl.exe生成并继承SoapHttpClientProtocol。

Answer 1

我认为你正在寻找ServicePointManager.ServerCertificateValidationCallback：

http://msdn.microsoft.com/en-gb/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

需要RemoteCertificateValidationCallback代表：

http://msdn.microsoft.com/en-gb/library/system.net.security.remotecertificatevalidationcallback.aspx

我以前从未处理过撤销的证书（我有办法解决其他问题，例如过期的SSL），但我猜你只是做了类似的事情：

class Program
{
    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback +=
            new RemoteCertificateValidationCallback(ValidateCertificate);

        // Do WCF calls...
    }

    public static bool ValidateCertificate(object sender, X509Certificate cert, 
                              X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
        {
            foreach(X509ChainStatus chainStatus in chain.ChainStatus)
            {
                if(chainStatus.Status == X509ChainStatusFlags.Revoked)
                {
                    return true;
                }
            }
        }

        return false;
    }
}

Answer 2

您可以在应用程序的配置文件中设置证书验证和吊销选项：

http://www.request-response.com/blog/PermaLink,guid,e9bb929b-d0b4-4626-b302-1d2715fc344a.aspx

如何关闭WCF服务客户端的证书吊销？

2 个答案: