获取ssl证书信息 - .net
[英]obtain ssl certificate information - .net
问题描述
i am looking to get the data from any given domain names SSL certificate. 
我希望从任何给定的域名SSL证书获取数据。 For example I want to put in any website address eg " http://stackoverflow.com " and my code would firstly check if an SSL certificate exists. 例如,我想放入任何网站地址,例如“ http://stackoverflow.com ”,我的代码将首先检查是否存在SSL证书。 If it does then I want it to pull out the expiry date of the certificate. 如果确实如此,我希望它能够取出证书的失效日期。 [ i am reading Domainnames from DB ] Example : http://www.digicert.com/help/ [我正在阅读DB的Domainnames]示例: http : //www.digicert.com/help/
i need to create a web service to check expiry date. 我需要创建一个Web服务来检查到期日期。 how can i implement it?? 我怎么能实现它? - I have looked up loads of different things such as RequestCertificateValidationCallback and ClientCertificates etc. Since i am new to this, i am not sure what has to be done. - 我查了很多不同的东西,比如RequestCertificateValidationCallback和ClientCertificates等。由于我是新手,我不知道该做些什么。
I could be completely wrong (hence why I need help) but would I create a HTTPWebRequest and then somehow request the client certificate and specific elements that way? 我可能完全错了(因此我需要帮助)但是我会创建一个HTTPWebRequest然后以某种方式请求客户端证书和特定元素吗?
i tried the example provided @SSL certificate pre-fetch .NET , but i am getting forbitten 403 error. 我尝试了提供@SSL证书预取.NET的示例,但我得到了forbitten 403错误。
Any help would be much appreciated - Thank you. 任何帮助将不胜感激 - 谢谢。
This is the code i have written which is throwing 403 forbidden error. 这是我写的代码,它抛出403禁止错误。
Uri u = new Uri("http://services.efi.com/");
ServicePoint sp = ServicePointManager.FindServicePoint(u);
string groupName = Guid.NewGuid().ToString();
HttpWebRequest req = HttpWebRequest.Create(u) as HttpWebRequest;
req.Accept = "*/*";
req.ConnectionGroupName = groupName;
using (WebResponse resp = req.GetResponse())
{
// Ignore response, and close the response.
}
sp.CloseConnectionGroup(groupName);
// Implement favourite null check pattern here on sp.Certificate
string expiryDate = sp.Certificate.GetExpirationDateString();
string str = expiryDate;
3 个解决方案
解决方案1
6 2013-03-11 09:56:10
This works fine: 这很好用:
namespace ConsoleApplication1
{
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
class Program
{
static void Main()
{
ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
var request = WebRequest.Create("https://www.google.com");
var response = request.GetResponse();
Console.WriteLine("Done.");
Console.ReadLine();
}
private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
Console.WriteLine("Certificate expires on " + certificate.GetExpirationDateString());
return true;
}
}
}
解决方案2
1 已采纳 2013-03-11 10:17:35
You are getting a "403 forbidden" status because that's what the server returns when you access that page. 您将获得“403禁止”状态,因为这是您访问该页面时服务器返回的内容。 I see the same thing when I browse to that Uri using IE. 当我使用IE浏览到那个Uri时,我看到同样的事情。 This status indicates that you don't have permission to access the Url, so perhaps you should try your code on a page that you have access to. 此状态表示您无权访问Url,因此您可能应该在可以访问的页面上尝试使用代码。
Also, you're unlikely to see a certificate on a http connection - you might want to try https instead. 此外,您不太可能在http连接上看到证书 - 您可能希望尝试使用https 。
解决方案3
1 2016-04-19 08:39:43
If you need to download the certificate: 如果您需要下载证书:
//Do webrequest to get info on secure site
var certName = "FileName";
var url = "https://mail.google.com";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
//retrieve the ssl cert and assign it to an X509Certificate object
X509Certificate cert = request.ServicePoint.Certificate;
//convert the X509Certificate to an X509Certificate2 object by passing it into the constructor
X509Certificate2 cert2 = new X509Certificate2(cert);
string cn = cert2.GetIssuerName();
string cedate = cert2.GetExpirationDateString();
string cpub = cert2.GetPublicKeyString();
var path = Directory.GetCurrentDirectory() + string.Concat("\\", certName, ".der");
byte[] certData = cert2.Export(X509ContentType.Cert);
File.WriteAllBytes(path, certData);
Console.WriteLine("cert2.GetIssuerName :{0}", cert2.GetIssuerName());
Console.WriteLine("cert2.GetExpirationDateString :{0}", cert2.GetExpirationDateString());
Console.WriteLine("cert2.GetPublicKeyString :{0}", cert2.GetPublicKeyString());
.cs Sample File : https://gist.github.com/thedom85/6db200104c075310527aaef63b172253 .cs示例文件: https : //gist.github.com/thedom85/6db200104c075310527aaef63b172253
I also recommend this site : https://www.simple-talk.com/dotnet/.net-framework/tlsssl-and-.net-framework-4.0/ 我也推荐这个网站: https : //www.simple-talk.com/dotnet/.net-framework/tlsssl-and-.net-framework-4.0/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.