ICertificatePolicy ICertificatePolicy ICertificatePolicy ICertificatePolicy Interface

Définition

Valide un certificat de serveur.Validates a server certificate.

public interface class ICertificatePolicy
public interface ICertificatePolicy
type ICertificatePolicy = interface
Public Interface ICertificatePolicy

Exemples

L’exemple suivant crée une stratégie de certificat qui retourne false pour tout problème de certificat et imprime un message qui indique le problème dans la console.The following example creates a certificate policy that returns false for any certificate problem and prints a message that indicates the problem on the console. L’enum CertificateProblem définit les constantes SSPI pour les problèmes de certificat, et la méthode GetProblemMessage privée crée un message sur le problème.The CertificateProblem enum defines SSPI constants for certificate problems, and the private GetProblemMessage method creates a printable message about the problem.

public enum class CertificateProblem : UInt32
{
   CertEXPIRED = 0x800B0101,
   CertVALIDITYPERIODNESTING = 0x800B0102,
   CertROLE = 0x800B0103,
   CertPATHLENCONST = 0x800B0104,
   CertCRITICAL = 0x800B0105,
   CertPURPOSE = 0x800B0106,
   CertISSUERCHAINING = 0x800B0107,
   CertMALFORMED = 0x800B0108,
   CertUNTRUSTEDROOT = 0x800B0109,
   CertCHAINING = 0x800B010A,
   CertREVOKED = 0x800B010C,
   CertUNTRUSTEDTESTROOT = 0x800B010D,
   CertREVOCATION_FAILURE = 0x800B010E,
   CertCN_NO_MATCH = 0x800B010F,
   CertWRONG_USAGE = 0x800B0110,
   CertUNTRUSTEDCA = 0x800B0112
};

public ref class MyCertificateValidation: public ICertificatePolicy
{
public:

   // Default policy for certificate validation.
   static bool DefaultValidate = false;
   virtual bool CheckValidationResult( ServicePoint^ /*sp*/, X509Certificate^ /*cert*/, WebRequest^ request, int problem )
   {
      bool ValidationResult = false;
      Console::WriteLine( "Certificate Problem with accessing {0}", request->RequestUri );
      Console::Write( "Problem code 0x{0:X8},", (int)problem );
      Console::WriteLine( GetProblemMessage( (CertificateProblem)problem ) );
      ValidationResult = DefaultValidate;
      return ValidationResult;
   }

private:
   String^ GetProblemMessage( CertificateProblem Problem )
   {
      String^ ProblemMessage = "";
      CertificateProblem problemList = CertificateProblem(  );
      String^ ProblemCodeName = Enum::GetName( problemList.GetType(), Problem );
      if ( ProblemCodeName != nullptr )
            ProblemMessage = String::Concat( ProblemMessage, "-Certificateproblem:", ProblemCodeName );
      else
            ProblemMessage = "Unknown Certificate Problem";

      return ProblemMessage;
   }
};
public  enum    CertificateProblem  : long
{
        CertEXPIRED                   = 0x800B0101,
        CertVALIDITYPERIODNESTING     = 0x800B0102,
        CertROLE                      = 0x800B0103,
        CertPATHLENCONST              = 0x800B0104,
        CertCRITICAL                  = 0x800B0105,
        CertPURPOSE                   = 0x800B0106,
        CertISSUERCHAINING            = 0x800B0107,
        CertMALFORMED                 = 0x800B0108,
        CertUNTRUSTEDROOT             = 0x800B0109,
        CertCHAINING                  = 0x800B010A,
        CertREVOKED                   = 0x800B010C,
        CertUNTRUSTEDTESTROOT         = 0x800B010D,
        CertREVOCATION_FAILURE        = 0x800B010E,
        CertCN_NO_MATCH               = 0x800B010F,
        CertWRONG_USAGE               = 0x800B0110,
        CertUNTRUSTEDCA               = 0x800B0112
}

public class MyCertificateValidation : ICertificatePolicy
{
    // Default policy for certificate validation.
    public static bool DefaultValidate = false; 

    public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,
       WebRequest request, int problem)
    {        
        bool ValidationResult=false;
        Console.WriteLine("Certificate Problem with accessing " +
           request.RequestUri);
        Console.Write("Problem code 0x{0:X8},",(int)problem);
        Console.WriteLine(GetProblemMessage((CertificateProblem)problem));

        ValidationResult = DefaultValidate;
        return ValidationResult; 
    }
    
    private String GetProblemMessage(CertificateProblem Problem)
    {
        String ProblemMessage = "";
        CertificateProblem problemList = new CertificateProblem();
        String ProblemCodeName = Enum.GetName(problemList.GetType(),Problem);
        if(ProblemCodeName != null)
           ProblemMessage = ProblemMessage + "-Certificateproblem:" +
              ProblemCodeName;
        else
           ProblemMessage = "Unknown Certificate Problem";
        return ProblemMessage;
     }
}
   
Public Enum CertificateProblem As Long
    CertEXPIRED                   = 2148204801    ' 0x800B0101
    CertVALIDITYPERIODNESTING     = 2148204802    ' 0x800B0102
    CertROLE                      = 2148204803    ' 0x800B0103
    CertPATHLENCONST              = 2148204804    ' 0x800B0104
    CertCRITICAL                  = 2148204805    ' 0x800B0105
    CertPURPOSE                   = 2148204806    ' 0x800B0106
    CertISSUERCHAINING            = 2148204807    ' 0x800B0107
    CertMALFORMED                 = 2148204808    ' 0x800B0108
    CertUNTRUSTEDROOT             = 2148204809    ' 0x800B0109
    CertCHAINING                  = 2148204810    ' 0x800B010A
    CertREVOKED                   = 2148204812    ' 0x800B010C
    CertUNTRUSTEDTESTROOT         = 2148204813    ' 0x800B010D       
    CertREVOCATION_FAILURE        = 2148204814    ' 0x800B010E
    CertCN_NO_MATCH               = 2148204815    ' 0x800B010F
    CertWRONG_USAGE               = 2148204816    ' 0x800B0110
    CertUNTRUSTEDCA               = 2148204818     ' 0x800B0112
End Enum


Public Class MyCertificateValidation
    Implements ICertificatePolicy
    
    ' Default policy for certificate validation.
    Public Shared DefaultValidate As Boolean = False    
    
    Public Function CheckValidationResult(srvPoint As ServicePoint, _
       cert As X509Certificate, request As WebRequest, problem As Integer) _
       As Boolean Implements ICertificatePolicy.CheckValidationResult
       
        Dim ValidationResult As Boolean = False
        Console.WriteLine(("Certificate Problem with accessing " & _
           request.RequestUri.ToString()))
        Console.Write("Problem code 0x{0:X8},", CInt(problem))
        Console.WriteLine(GetProblemMessage(CType(problem, _
           CertificateProblem)))
        
        ValidationResult = DefaultValidate
        Return ValidationResult
    End Function    
    
    Private Function GetProblemMessage(Problem As CertificateProblem) As String
        Dim ProblemMessage As String = ""
        Dim problemList As New CertificateProblem()
        Dim ProblemCodeName As String = System.Enum.GetName( _
           problemList.GetType(), Problem)
        If Not (ProblemCodeName Is Nothing) Then
            ProblemMessage = ProblemMessage + "-Certificateproblem:" & _
               ProblemCodeName
        Else
            ProblemMessage = "Unknown Certificate Problem"
        End If
        Return ProblemMessage
    End Function
End Class

Remarques

Le ICertificatePolicy interface est utilisée pour fournir la validation de certificat de sécurité personnalisé pour une application.The ICertificatePolicy interface is used to provide custom security certificate validation for an application. La stratégie par défaut consiste à autoriser les certificats valides, ainsi que les certificats valides qui ont expiré.The default policy is to allow valid certificates, as well as valid certificates that have expired. Pour modifier cette stratégie, vous devez implémenter le ICertificatePolicy créent une interface avec une stratégie différente et ensuite affecter cette stratégie à ServicePointManager.CertificatePolicy.To change this policy, implement the ICertificatePolicy interface with a different policy, and then assign that policy to ServicePointManager.CertificatePolicy.

ICertificatePolicy utilise la prise en charge Interface SSPI (Security Provider).ICertificatePolicy uses the Security Support Provider Interface (SSPI). Pour plus d’informations, consultez la documentation de SSPI sur MSDN.For more information, see the SSPI documentation on MSDN.

Méthodes

CheckValidationResult(ServicePoint, X509Certificate, WebRequest, Int32) CheckValidationResult(ServicePoint, X509Certificate, WebRequest, Int32) CheckValidationResult(ServicePoint, X509Certificate, WebRequest, Int32) CheckValidationResult(ServicePoint, X509Certificate, WebRequest, Int32)

Valide un certificat de serveur.Validates a server certificate.

S’applique à