HttpClientHandler.DangerousAcceptAnyServerCertificateValidator 属性

定义

获取始终返回 true 的缓存委托。Gets a cached delegate that always returns true.

public:
 static property Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ DangerousAcceptAnyServerCertificateValidator { Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ get(); };
public static Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors,bool> DangerousAcceptAnyServerCertificateValidator { get; }
member this.DangerousAcceptAnyServerCertificateValidator : Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool>
Public Shared ReadOnly Property DangerousAcceptAnyServerCertificateValidator As Func(Of HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, Boolean)

属性值

始终返回 true 的缓存委托。A cached delegate that always returns true.

注解

特别是在测试方案中,常见模式使用 HttpClient 连接到具有不应验证的证书的服务器,例如自签名证书。Particularly in test scenarios, a common pattern use HttpClient to connect to a server with a certificate that shouldn't be validated, such as a self-signed certificate. 通常使用 HttpClientHandler,方法是将 ServerCertificateCustomValidationCallback 属性设置为始终返回 True的委托;这表明证书已通过验证。You commonly do this with HttpClientHandler by setting the ServerCertificateCustomValidationCallback property to a delegate that always returns True; this indicates that the certificate has passed validation. 但是,并不是所有的实现都支持此回调,某些引发 PlatformNotSupportedExceptionHowever, not all implementations support this callback, and some throw PlatformNotSupportedException.

DangerousAcceptAnyServerCertificateValidator 属性解决了这一限制。The DangerousAcceptAnyServerCertificateValidator property addresses this limitation. DangerousAcceptAnyServerCertificateValidator 属性返回的委托可以分配给 ServerCertificateCustomValidationCallback 属性,如以下示例所示:The delegate returned by the DangerousAcceptAnyServerCertificateValidator property can be assigned to the ServerCertificateCustomValidationCallback property, as the following example does:

handler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;

这为 HttpClientHandler 实现提供了一个已知的对象引用标识,旨在表达开发人员的意图。This gives HttpClientHandler implementations a known object reference identity that expresses the developer's intention. 如果 DangerousAcceptAnyServerCertificateValidator 属性中存储的对象等于 DangerousAcceptAnyServerCertificateValidator,则运行时可以完全禁用平台上的验证,否则会引发 PlatformNotSupportedExceptionIf the object stored in the DangerousAcceptAnyServerCertificateValidator property is reference equals to DangerousAcceptAnyServerCertificateValidator, the runtime is able to entirely disable validation on a platform that would otherwise throw a PlatformNotSupportedException.

作为一项有利,开发人员可以使用此属性使工具更轻松地标记禁用证书验证的风险,使开发人员可以更轻松地避免发送不安全的应用程序。As a side benefit, developers can use this property to make it easier for tools to flag the danger of disabling certificate validation, which makes it easier for developers to avoid shipping insecure applications.

适用于