Page 1 of 1

[Bug_id:82] SSL check the correct way

Posted: Tue Jun 06, 2017 11:01 pm
by Damic
If anyone knows how to implement a ssl check the correct way, please contact me ;)

Currently I use the callback with a extra check on the names:

First I add the server certificate validation callback, the standard code that is provided by MS is good until you start using Fiddler

Code: Select all

If ServicePointManager.ServerCertificateValidationCallback Is Nothing Then ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf ValidateRemoteCertificate)
So I do an extra check on the issuer and the domain.

Code: Select all

        '-trusted domain/issuer
        If             (certificate.Subject.IndexOf(trustedDomain_cdpc) = -1 Or certificate.Issuer.IndexOf(trustedIssuer_cdpc) = -1) Then
            Return False
        End If