在 BizTalk 2020 中禁用证书验证

Question

Can anyone tell me how to disable certificate revocation list validation in BizTalk.

Here is the scenario:

I have configured a BizTalk 2020 native FTP receive port that communicate to a client via FTPS Implicit mode. When the port is connecting to the FTPS server I get the error "The certificate is revoked". I want the BizTalk or port so ignore this certificate and not validate it, so how do I configure BizTalk 2020 FTP port to ignore certificate validation?

I have checked list list without no help: Known Issues with Certificates in BizTalk Server

I have also tried to add config setting in the BizTalk server config without luck!

Answer 1

Although not recommended outside testing and development scenarios, you can disable the revocation-check through .NET's System.Net.ServicePoint class using the static ServicePointManager class.

You can configure this in BizTalk's host-process application config file (BtsNtSvc.exe.config) with the downside that it would affect all 32-bit host-instances in this case.

<system.net>
  <settings>
    <servicePointManager checkCertificateRevocationList="false" />
  </settings>
</system.net> 

An alternative, and probably better, approach would be to create a BizTalk pipeline-component using something like this:

public IBaseMessage Execute(IPipelineContext pContext, IBaseMessage pInMsg)
{
    System.Net.ServicePointManager.CheckCertificateRevocationList = false;
    return pInMsg;
}