Is there a way to declaratively set ServicePointManager's ServerCertificateValidationCallback property from *.config file?

Question

I am looking for a way to disable cert validation in a declarative way. This would be very usefull i.e. when using svcutil.exe.

So far I know how to disable hostname validation:

<system.net>
    <settings>
        <servicePointManager checkCertificateName="false" />
    </settings>
</system.net>

but this is not sufficent. I've seen someone claiming this can be done, but wihtout any sample.

Answer 1

I'm using this ugly hack for using only in UnitTests :(

app.config:

<system.net>
    <webRequestModules xdt:Transform="Insert">
        <clear/>
        <add prefix = "http" type = "HttpRequestCreatorWithServerCertificateValidationCallback, TestHelpers"/>
        <add prefix = "https" type = "HttpRequestCreatorWithServerCertificateValidationCallback, TestHelpers"/>
    </webRequestModules>
</system.net>

HttpRequestCreatorWithServerCertificateValidationCallback.cs

public class HttpRequestCreatorWithServerCertificateValidationCallback : IWebRequestCreate
{
    static HttpRequestCreatorWithServerCertificateValidationCallback()
    {
        var type = typeof(HttpWebRequest).Assembly.GetType("System.Net.HttpRequestCreator");
        var ctor = type.GetConstructors()[0];
        Creator = (IWebRequestCreate)ctor.Invoke(null);

        ServicePointManager.ServerCertificateValidationCallback += delegate
        {
            return true;
        };
    }

    #region IWebRequestCreate Members

    public WebRequest Create(Uri uri)
    {
        return Creator.Create(uri);
    }

    #endregion

    private static readonly IWebRequestCreate Creator;
}

Answer 2

I am using this when working with HttpClient:

  <system.net>
    <settings>
      <servicePointManager
          checkCertificateName="false"
          checkCertificateRevocationList="false" />
    </settings>
  </system.net>

I took it from the Internet, not remember from where. It works for my backend calls.