ClientWebsocket SSL 证书验证失败

Question

I am writing an app in Xamarin.Forms targeting the .Net Standard 2.1, primarily focused on Android builds.

I have some websocket client code to connect to my secure self-signed server; however, it won't verify the certificate. I have found some references to use the ServicePointManager for validation callback or the ClientWebSocketOptions.RemoteCertificateValidationCallback but neither callback gets called while connecting. Here's the connect code:

public async Task Connect(string url) {
            if (client != null) {
                if (client.State == WebSocketState.Open) return;
                else client.Dispose();
            }
            ServicePointManager.ServerCertificateValidationCallback = ValidateServerCert;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
            client = new ClientWebSocket();
            client.Options.AddSubProtocol("json");
            client.Options.UseDefaultCredentials = false;
            client.Options.RemoteCertificateValidationCallback = ValidateServerCert;
            if (CTS != null) CTS.Dispose();
            CTS = new CancellationTokenSource();
            Console.WriteLine("TBL: Connecting to " + url + "...");
            try {
                await client.ConnectAsync(new Uri(url), CTS.Token);
            } catch (Exception e) {
                Console.WriteLine("TBL: Ex: " + e);
            }
            Console.WriteLine("TBL: Client state: " + client.State);
            if (client.State == WebSocketState.Open) {
                OnConnect?.Invoke(); // if no callbacks registered, it's null
                Console.WriteLine("TBL: Websocket connected");
                await Task.Factory.StartNew(ReceiveLoop, CTS.Token, TaskCreationOptions.LongRunning, TaskScheduler.Default);
            }
        }

With this printed in the Device Log (I can't embed pictures yet):

Device Log Output

I've scoured the interwebs for answers/hints at this and most seem to apply to HTTPS and not Websockets (or at least their solutions don't seem to work). I can't get the validation callback to be called, no matter how I arrange this. Any help is greatly appreciated.

Answer 1

https://stackoverflow.com/a/26336847/9516

This accepts all certificates, even self signed ones: ServicePointManager.ServerCertificateValidationCallback = delegate { return true; }; ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };