[英]obtain ssl certificate information - .net
我希望從任何給定的域名SSL證書獲取數據。 例如,我想放入任何網站地址,例如“ http://stackoverflow.com ”,我的代碼將首先檢查是否存在SSL證書。 如果確實如此,我希望它能夠取出證書的失效日期。 [我正在閱讀DB的Domainnames]示例: http : //www.digicert.com/help/
我需要創建一個Web服務來檢查到期日期。 我怎么能實現它? - 我查了很多不同的東西,比如RequestCertificateValidationCallback和ClientCertificates等。由於我是新手,我不知道該做些什么。
我可能完全錯了(因此我需要幫助)但是我會創建一個HTTPWebRequest然后以某種方式請求客戶端證書和特定元素嗎?
我嘗試了提供@SSL證書預取.NET的示例,但我得到了forbitten 403錯誤。
任何幫助將不勝感激 - 謝謝。
這是我寫的代碼,它拋出403禁止錯誤。
Uri u = new Uri("http://services.efi.com/");
ServicePoint sp = ServicePointManager.FindServicePoint(u);
string groupName = Guid.NewGuid().ToString();
HttpWebRequest req = HttpWebRequest.Create(u) as HttpWebRequest;
req.Accept = "*/*";
req.ConnectionGroupName = groupName;
using (WebResponse resp = req.GetResponse())
{
// Ignore response, and close the response.
}
sp.CloseConnectionGroup(groupName);
// Implement favourite null check pattern here on sp.Certificate
string expiryDate = sp.Certificate.GetExpirationDateString();
string str = expiryDate;
這很好用:
namespace ConsoleApplication1
{
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
class Program
{
static void Main()
{
ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
var request = WebRequest.Create("https://www.google.com");
var response = request.GetResponse();
Console.WriteLine("Done.");
Console.ReadLine();
}
private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
Console.WriteLine("Certificate expires on " + certificate.GetExpirationDateString());
return true;
}
}
}
您將獲得“403禁止”狀態,因為這是您訪問該頁面時服務器返回的內容。 當我使用IE瀏覽到那個Uri時,我看到同樣的事情。 此狀態表示您無權訪問Url,因此您可能應該在可以訪問的頁面上嘗試使用代碼。
此外,您不太可能在http
連接上看到證書 - 您可能希望嘗試使用https
。
如果您需要下載證書:
//Do webrequest to get info on secure site
var certName = "FileName";
var url = "https://mail.google.com";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
//retrieve the ssl cert and assign it to an X509Certificate object
X509Certificate cert = request.ServicePoint.Certificate;
//convert the X509Certificate to an X509Certificate2 object by passing it into the constructor
X509Certificate2 cert2 = new X509Certificate2(cert);
string cn = cert2.GetIssuerName();
string cedate = cert2.GetExpirationDateString();
string cpub = cert2.GetPublicKeyString();
var path = Directory.GetCurrentDirectory() + string.Concat("\\", certName, ".der");
byte[] certData = cert2.Export(X509ContentType.Cert);
File.WriteAllBytes(path, certData);
Console.WriteLine("cert2.GetIssuerName :{0}", cert2.GetIssuerName());
Console.WriteLine("cert2.GetExpirationDateString :{0}", cert2.GetExpirationDateString());
Console.WriteLine("cert2.GetPublicKeyString :{0}", cert2.GetPublicKeyString());
.cs示例文件: https : //gist.github.com/thedom85/6db200104c075310527aaef63b172253
我也推薦這個網站: https : //www.simple-talk.com/dotnet/.net-framework/tlsssl-and-.net-framework-4.0/
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.