wcf - 如何关闭WCF服务客户端的证书吊销？

如何关闭WCF服务客户端的证书吊销？
客户端代理是由wsdl.exe生成的，并继承了SoapHttpClientProtocol。

最佳答案

我认为您正在寻找ServicePointManager.ServerCertificateValidationCallback:

这需要一个RemoteCertificateValidationCallback委托(delegate):

我以前从未处理过被吊销的证书(我有能力处理其他问题，例如SSL过期)，但是我猜您会做以下事情:

class Program
{
    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback +=
            new RemoteCertificateValidationCallback(ValidateCertificate);

        // Do WCF calls...
    }

    public static bool ValidateCertificate(object sender, X509Certificate cert,
                              X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
        {
            foreach(X509ChainStatus chainStatus in chain.ChainStatus)
            {
                if(chainStatus.Status == X509ChainStatusFlags.Revoked)
                {
                    return true;
                }
            }
        }

        /*
         WARNING!

         You should perform other cert validation checks here and not blindly
         override your cert validation by returning true.

         Otherwise the secure channel between your client and service
         may not be secure.

        */

        return false;
    }
}