
Getting SmtpClient to work with a self signed SSL certificate

I'm attempting to use the System.Net.Mail.SmtpClient class to relay an email through my company's email server. All SMTP connections to the mail server have to be SSL and it uses a self signed certificate. That's fine for Outlook where you can just click ok on the warning dialogue but does anyone know a way to get SmtpClient to accept a self signed certificate?

I'm planning on using this app on the Windows Azure Platform so I won't be able to install the self signed certificate as a trusted root.

You may take a look at the ServerCertificateValidationCallback property:

ServicePointManager.ServerCertificateValidationCallback = 
    (sender, certificate, chain, sslPolicyErrors) => true;

It represents a callback which is called by the runtime when it tries to validate an SSL certificate. By returning true you basically say that you don't care if the certificate is valid or not -> you always accept it. Of course having self signed certificates in a production environment is not a good idea.

My issue ended up being that the .Net SmtpClient class apparently doesn't support the use of port 465 for SMTP SSL connections. Using port 25 with a self signed SSL certificate worked correctly.

MSDN System.Net forum question: Can SmtpClient be configured to work with a self signed certificate?

If you want to be more secure, you might want to look at doing the following:

theClient.EnableSsl = true;

ServicePointManager.ServerCertificateValidationCallback =
    (sender, certificate, chain, sslPolicyErrors) => {
        if (sender == theClient) {
            return true;
        } else {
            // you should apply the code from this SO answer
            // https://stackoverflow.com/a/25895486/795690
            // if you find that anything in your app uses this path
            throw new ApplicationException("Certificate validation is currently disabled, extra code needed here!");
        }
    };

In this code we are auto-approving certificates only for the specific SMTP client in question; we have a stub code path which you should upgrade to explicitly reinstate default certificate validation if you find that anything else in your app is using it.

Another different, useful approach to approving certificates only in contexts where you actually want to is in this SO answer.
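
A stricter variant of the callbacks above, added here as an example and not taken from any of the answers: instead of returning true for the SMTP client, it accepts the self signed certificate only when its SHA-256 hash matches a pinned value, and leaves normal validation in place for every other connection. The class name PinnedSmtp, the Create helper and the pinned hash placeholder are assumptions for illustration.

```csharp
using System;
using System.Net;
using System.Net.Mail;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PinnedSmtp   // hypothetical helper, not part of System.Net.Mail
{
    // Placeholder: SHA-256 of the mail server's DER-encoded certificate, as hex.
    const string PinnedSha256 = "REPLACE_WITH_SERVER_CERT_SHA256_HEX";

    static string Sha256Hex(X509Certificate cert)
    {
        using (var sha = SHA256.Create())
        {
            // BitConverter yields "AB-CD-..."; strip the dashes to get plain hex.
            return BitConverter.ToString(sha.ComputeHash(cert.GetRawCertData()))
                               .Replace("-", "");
        }
    }

    public static SmtpClient Create(string host, int port)
    {
        var client = new SmtpClient(host, port) { EnableSsl = true };

        // The callback is process-wide: it sees every TLS connection made through
        // ServicePointManager, and assigning it replaces any earlier callback.
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, certificate, chain, sslPolicyErrors) =>
            {
                // A certificate that passes normal validation is accepted for any caller.
                if (sslPolicyErrors == SslPolicyErrors.None) return true;

                // Otherwise accept only the pinned certificate, and only for this
                // client (same sender comparison as in the answer above).
                return ReferenceEquals(sender, client)
                    && certificate != null
                    && string.Equals(Sha256Hex(certificate), PinnedSha256,
                                     StringComparison.OrdinalIgnoreCase);
            };

        return client;
    }
}
```

When the server's certificate is rotated the pinned hash has to be updated, otherwise the connection is rejected, which is the intended failure mode.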
