HttpClientHandler.ServerCertificateCustomValidationCallback Property

Definition

Namespace:

System.Net.Http

Assembly:

System.Net.Http.dll

Source:

HttpClientHandler.cs

Gets or sets a callback method to validate the server certificate.

public:
 property Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ ServerCertificateCustomValidationCallback { Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ get(); void set(Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ value); };

[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2?,System.Security.Cryptography.X509Certificates.X509Chain?,System.Net.Security.SslPolicyErrors,bool>? ServerCertificateCustomValidationCallback { get; set; }

[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
member this.ServerCertificateCustomValidationCallback : Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool> with get, set

Public Property ServerCertificateCustomValidationCallback As Func(Of HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, Boolean)

Property Value

Func<HttpRequestMessage,X509Certificate2,X509Chain,SslPolicyErrors,Boolean>

A callback method to validate the server certificate.

Attributes

UnsupportedOSPlatformAttribute

Examples

The following code example displays the server certificate.

static async Task Main()
{
    // Create an HttpClientHandler object and set to use default credentials
    HttpClientHandler handler = new HttpClientHandler();

    // Set custom server validation callback
    handler.ServerCertificateCustomValidationCallback = ServerCertificateCustomValidation;

    // Create an HttpClient object
    HttpClient client = new HttpClient(handler);

    // Call asynchronous network methods in a try/catch block to handle exceptions
    try
    {
        HttpResponseMessage response = await client.GetAsync("https://docs.microsoft.com/");

        response.EnsureSuccessStatusCode();

        string responseBody = await response.Content.ReadAsStringAsync();
        Console.WriteLine($"Read {responseBody.Length} characters");
    }
    catch (HttpRequestException e)
    {
        Console.WriteLine("\nException Caught!");
        Console.WriteLine($"Message: {e.Message} ");
    }

    // Need to call dispose on the HttpClient and HttpClientHandler objects
    // when done using them, so the app doesn't leak resources
    handler.Dispose();
    client.Dispose();
}

private static bool ServerCertificateCustomValidation(HttpRequestMessage requestMessage, X509Certificate2? certificate, X509Chain? chain, SslPolicyErrors sslErrors)
{
    // It is possible to inspect the certificate provided by the server.
    Console.WriteLine($"Requested URI: {requestMessage.RequestUri}");
    Console.WriteLine($"Effective date: {certificate?.GetEffectiveDateString()}");
    Console.WriteLine($"Exp date: {certificate?.GetExpirationDateString()}");
    Console.WriteLine($"Issuer: {certificate?.Issuer}");
    Console.WriteLine($"Subject: {certificate?.Subject}");

    // Based on the custom logic it is possible to decide whether the client considers certificate valid or not
    Console.WriteLine($"Errors: {sslErrors}");
    return sslErrors == SslPolicyErrors.None;
}

Remarks

The ServerCertificateCustomValidationCallback can be used to obtain and validate the server certificate.