Skip to content

Instantly share code, notes, and snippets.

@vgerbase
Last active August 20, 2022 09:49
Show Gist options
  • Save vgerbase/5e0b2735d63289af9b6a to your computer and use it in GitHub Desktop.
Save vgerbase/5e0b2735d63289af9b6a to your computer and use it in GitHub Desktop.
C# code to switch off certificate validation
{
...
ServicePointManager.ServerCertificateValidationCallback =
delegate(object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return true;
};
smtpclient.Send();
...
}
// OR
{
...
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(CertificateValidationCallBack);
smtpclient.Send();
...
}
private static bool CertificateValidationCallBack(
object sender,
System.Security.Cryptography.X509Certificates.X509Certificate certificate,
System.Security.Cryptography.X509Certificates.X509Chain chain,
System.Net.Security.SslPolicyErrors sslPolicyErrors) {
// If the certificate is a valid, signed certificate, return true.
if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None) {
return true;
}
// If there are errors in the certificate chain, look at each error to determine the cause.
if ((sslPolicyErrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0) {
if (chain != null && chain.ChainStatus != null) {
foreach (System.Security.Cryptography.X509Certificates.X509ChainStatus status in chain.ChainStatus) {
if (
(certificate.Subject == certificate.Issuer) &&
(status.Status == System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot)) {
// Self-signed certificates with an untrusted root are valid.
continue;
}
else {
if (status.Status != System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError) {
// If there are any other errors in the certificate chain, the certificate is invalid,
// so the method returns false.
return false;
}
}
}
}
// When processing reaches this line, the only errors in the certificate chain are
// untrusted root errors for self-signed certificates. These certificates are valid
// for default Exchange server installations, so return true.
return true;
}
else {
// In all other cases, return false.
return false;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment