I'm trying to create a C# proxy DLL that allow VS2015 Community, on my offline workstation, access to internet through a corporate HTTP proxy with authentication.
Following instruction of this MSDN blog post I'm able to connect VisualStudio to HTTP pages in this way:
namespace VSProxy
{
public class AuthProxyModule : IWebProxy
{
ICredentials crendential = new NetworkCredential("user", "password");
public ICredentials Credentials
{
get
{
return crendential;
}
set
{
crendential = value;
}
}
public Uri GetProxy(Uri destination)
{
ServicePointManager.ServerCertificateValidationCallback = (Header, Cer, Claim, SslPolicyErrors) => true;
return new Uri("http://128.16.0.123:1234", UriKind.Absolute);
}
public bool IsBypassed(Uri host)
{
return host.IsLoopback;
}
}
}
But I'm not able to connect to the account authentication page for Visual Studio Community access.
So, I'm trying to validate Microsoft certificate using DLL.
There is any way can I accomplish HTTPS and certificate issue?
How can I validate the certificate in the webProxy DLL?
If you want to bypass the certificate check altogether, you could set your ServicePointManager.ServerCertificateValidationCallback
to always use a delegate which returns true:
var validationCallback = new RemoteCertificateValidationCallback(delegate { return true; });
....
ServicePointManager.ServerCertificateValidationCallback += validationCallback;
I'd wrap that in a try / catch / finally and in the finally, remove the delegate (as it otherwise applies process-wide iirc):
finally
{
ServicePointManager.ServerCertificateValidationCallback -= validationCallback;
}
UPDATE 26/03/18:
If you have control over the creation of the HttpClient
, you can pass a HttpClientHandler
when you construct it, with its ServerCertificateCustomValidationCallback
delegate set to return true. You are effectively limiting the dangerous effect of disabling SSL checking process-wide and limiting it to the use of this HttpClient. Much safer. Code:
var handler = new HttpClientHandler();
// Optional check to enable / disable based on config setting.
if (ConfigurationManager.AppSettings["EnableSslCertificateCheck"] == null ||
Convert.ToBoolean(ConfigurationManager.AppSettings["EnableSslCertificateCheck"]) == false)
{
handler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
ServerCertificateCustomValidationCallback =
(httpRequestMessage, cert, cetChain, policyErrors) => true
};
}
return new HttpClient(handler);
You may have a SSL proxy certificate company gave. You just import the one into root certificate in IE(i.e. http://www.instructables.com/id/Installing-an-SSL-Certificate-in-Windows-7/, https://bto.bluecoat.com/webguides/sslv/sslva_first_steps/Content/Topics/Configure/ssl_ie_cert.htm)
Or just ignoring certificate validation via .Net config
how to set ServicePointManager.ServerCertificateValidationCallback in web.config
How to stop certificate errors temporarily with WCF services (OzrenTkalcecKrznaric's answer)
In case of Visual Studio 2015, the .Net config file is located at "%PROGRAMFILES(x86)%\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe.config".
I hope it is helpful.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With