How to bypass SSL error CefSharp WinForms

Question

I'm using CefSharp.WinForms to develop an application. When any SSL certificate error occurs, it won't display the web page.

How can I bypass SSL certificate error and display the web page?

Answer 1

Option 1 (Preferred)

Implement IRequestHandler.OnCertificateError - this method will be called for every invalid certificate. If you only wish to override a few methods of IRequestHandler then you can inherit from RequestHandler and override the methods you are interested in specifically, in this case OnCertificateError

//Make sure you assign your RequestHandler instance to the `ChromiumWebBrowser`
browser.RequestHandler = new ExampleRequestHandler();

public class ExampleRequestHandler : RequestHandler
{
    protected override bool OnCertificateError(IWebBrowser chromiumWebBrowser, IBrowser browser, CefErrorCode errorCode, string requestUrl, ISslInfo sslInfo, IRequestCallback callback)
    {
        //NOTE: We also suggest you wrap callback in a using statement or explicitly execute callback.Dispose as callback wraps an unmanaged resource.

        //Example #1
        //Return true and call IRequestCallback.Continue() at a later time to continue or cancel the request.
        //In this instance we'll use a Task, typically you'd invoke a call to the UI Thread and display a Dialog to the user
        Task.Run(() =>
        {
            //NOTE: When executing the callback in an async fashion need to check to see if it's disposed
            if (!callback.IsDisposed)
            {
                using (callback)
                {
                    //We'll allow the expired certificate from badssl.com
                    if (requestUrl.ToLower().Contains("https://expired.badssl.com/"))
                    {
                        callback.Continue(true);
                    }
                    else
                    {
                        callback.Continue(false);
                    }
                }
            }
        });

        return true;

        //Example #2
        //Execute the callback and return true to immediately allow the invalid certificate
        //callback.Continue(true); //Callback will Dispose it's self once exeucted
        //return true;

        //Example #3
        //Return false for the default behaviour (cancel request immediately)
        //callback.Dispose(); //Dispose of callback
        //return false;
    }
}

---

Option 2

Set ignore-certificate-errors command line arg

var settings = new CefSettings();
settings.CefCommandLineArgs.Add("ignore-certificate-errors");

Cef.Initialize(settings);

• WPF CefSettings Example
• WinForms CefSettings Example

Answer 2

Copy/paste ready:

//Before instantiating a ChromiumWebBrowser object
CefSettings settings = new CefSettings();
settings.IgnoreCertificateErrors = true;
Cef.Initialize(settings);

Answer 3

 public abstract class BaseRequestEventArgs : System.EventArgs
    {
        protected BaseRequestEventArgs(IWebBrowser chromiumWebBrowser, IBrowser browser)
        {
            ChromiumWebBrowser = chromiumWebBrowser;
            Browser = browser;
        }

        public IWebBrowser ChromiumWebBrowser { get; private set; }
        public IBrowser Browser { get; private set; }
    }
    public class OnCertificateErrorEventArgs : BaseRequestEventArgs
    {
        public OnCertificateErrorEventArgs(IWebBrowser chromiumWebBrowser, IBrowser browser, CefErrorCode errorCode, string requestUrl, ISslInfo sslInfo, IRequestCallback callback)
            : base(chromiumWebBrowser, browser)
        {
            ErrorCode = errorCode;
            RequestUrl = requestUrl;
            SSLInfo = sslInfo;
            Callback = callback;

            ContinueAsync = false; // default
        }

        public CefErrorCode ErrorCode { get; private set; }
        public string RequestUrl { get; private set; }
        public ISslInfo SSLInfo { get; private set; }

        /// <summary>
        ///     Callback interface used for asynchronous continuation of url requests.
        ///     If empty the error cannot be recovered from and the request will be canceled automatically.
        /// </summary>
        public IRequestCallback Callback { get; private set; }

        /// <summary>
        ///     Set to false to cancel the request immediately. Set to true and use <see cref="T:CefSharp.IRequestCallback" /> to
        ///     execute in an async fashion.
        /// </summary>
        public bool ContinueAsync { get; set; }
    }

    public class CustomRequesthandle : RequestHandler
    {
        public event EventHandler<OnCertificateErrorEventArgs> OnCertificateErrorEvent;

        protected override bool OnCertificateError(IWebBrowser chromiumWebBrowser, IBrowser browser, CefErrorCode errorCode, string requestUrl, ISslInfo sslInfo, IRequestCallback callback)
        {
            var args = new OnCertificateErrorEventArgs(chromiumWebBrowser, browser, errorCode, requestUrl, sslInfo, callback);

            OnCertificateErrorEvent?.Invoke(this, args);

            callback.Continue(true);
            return args.ContinueAsync;
        }
    }

and

 browser = new CefSharp.Wpf.ChromiumWebBrowser();
        browser.RequestHandler = new CustomRequesthandle();