
@george-chakhidze
Created December 6, 2018 10:34
Inspect TLS server certificate
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using static System.Console;
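/// <summary>
/// Diagnostic console tool: connects to a fixed TLS endpoint, prints the certificate the
/// server presents and the parameters the handshake negotiated.
/// </summary>
/// <remarks>
/// SECURITY: this program deliberately accepts ANY server certificate and permits
/// NULL-cipher suites so that misconfigured servers can still be inspected. Nothing here
/// authenticates the peer. Do not copy the SslStream setup or the validation callback into
/// code that sends credentials or other real data.
/// </remarks>
static class Program
{
    /// <summary>
    /// Opens a TCP connection to the hard-coded address, performs a TLS client handshake
    /// for the hard-coded host name and writes the negotiated parameters to the console.
    /// </summary>
    /// <param name="args">Command-line arguments; not used.</param>
    static async Task Main(string[] args)
    {
        using (var socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp))
        {
            await socket.ConnectAsync(IPAddress.Parse("52.3.53.115"), 443);

            // ownsSocket: true, so disposing the stream also closes the socket; the outer
            // using additionally covers the case where ConnectAsync throws.
            using (var network = new NetworkStream(socket, FileAccess.ReadWrite, true))
            // EncryptionPolicy.AllowNoEncryption lets the handshake settle on a NULL cipher,
            // i.e. an unencrypted session. It is kept so the tool can report such servers;
            // production clients should use EncryptionPolicy.RequireEncryption.
            using (var ssl = new SslStream(network, false, new RemoteCertificateValidationCallback(InspectTlsCertificate), null, EncryptionPolicy.AllowNoEncryption))
            {
                // The target host name is used for SNI and for the name check whose outcome
                // is reported to the callback via SslPolicyErrors.
                await ssl.AuthenticateAsClientAsync("atom.io");

                WriteLine($"CipherAlgorithm = {ssl.CipherAlgorithm}");
                WriteLine($"HashAlgorithm = {ssl.HashAlgorithm}");
                WriteLine($"KeyExchangeAlgorithm = {ssl.KeyExchangeAlgorithm}");
                WriteLine($"SslProtocol = {ssl.SslProtocol}");

                // NOTE(review): a single byte is sent over a channel whose peer was never
                // authenticated; presumably only to exercise the stream - confirm intent.
                ssl.WriteByte(0x1);
                await ssl.FlushAsync();
            }
        }
    }

    /// <summary>
    /// Certificate validation callback that only reports what the server presented.
    /// </summary>
    /// <param name="sender">Object that raised the callback; not used.</param>
    /// <param name="certificate">Server certificate; may be null when none was presented.</param>
    /// <param name="chain">Chain built for the certificate; not used.</param>
    /// <param name="sslPolicyErrors">Result of the platform's own validation.</param>
    /// <returns>
    /// Always <c>true</c>: every certificate is accepted so that inspection can continue.
    /// This disables server authentication and is acceptable only in a diagnostic tool.
    /// </returns>
    static bool InspectTlsCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        // Surface the verdict the platform reached, since the return value below ignores it.
        WriteLine($"SslPolicyErrors = {sslPolicyErrors}");

        // A server may present no certificate at all; report that instead of dereferencing null.
        if (certificate == null)
        {
            WriteLine("(no certificate presented)");
            return true;
        }

        WriteLine(certificate.Subject);
        if (certificate is X509Certificate2 certificate2)
        {
            WriteLine(certificate2.FriendlyName);
            //X509Certificate2UI.DisplayCertificate(certificate2, NativeMethods.GetConsoleWindow());
        }

        // Inspection only: accept unconditionally, regardless of sslPolicyErrors.
        return true;
    }

    /// <summary>
    /// P/Invoke declarations. Only referenced by the commented-out certificate dialog call
    /// in <see cref="InspectTlsCertificate"/>.
    /// </summary>
    static class NativeMethods
    {
        [DllImport("kernel32.dll", SetLastError = false, ExactSpelling = true)]
        internal static extern IntPtr GetConsoleWindow();
    }
}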