Instantly share code, notes, and snippets.

Embed
What would you like to do?
Code examples for the App security: SSL and certificate pinning blogpost
ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => {
// ...
}
// validkeys should be a list of strings containing the trusted public keys
ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => {
return validkeys.Contains(certificate?.GetPublicKeyString());
}
ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => {
if (certificate == null)
{
return false;
}
foreach (var cert in chain.ChainPolicy.ExtraStore)
{
if (cert.Subject == certificate?.Issuer)
{
return validkeys.Contains(cert.GetPublicKeyString());
}
}
return false;
}
ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => {
return false; // this effectively disables all certificate checks, never use this approach in production code!
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment