.Net SqlConnection, Server Authentication, and Certificate P

使用s SqlConnection时如何pin证书?来自SqlConnection连接字符串参数关键词&值，我知道我可以将Encrypted设置为true来强制(鼓励?)使用SSL/TLS。

然而，要固定证书，我认为我们需要使用ServicePointManager中的ServerCertificateValidationCallback(下面的示例代码由Arne Vajhøj提供，用于HTTP/HTTPS)。我不清楚如何在PinCertificate(从ServicePointManager)连接到SqlConnection。

更新:与Arne Vajhøj在microt.public.dotnet.languages的谈话。Csharp，似乎不可能对连接进行所需的控制。Vajhøj提供了到SQL Server的加密连接的链接。

public static void Main(string[] args)
{
  ServicePointManager.ServerCertificateValidationCallback = PinCertificate;
  WebRequest wr = WebRequest.Create("https://www.google.com/");
  wr.GetResponse();
}
public static bool PinCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
  byte[] chash = certificate.GetCertHash();
  StringBuilder sb = new StringBuilder(chash.Length * 2);
  foreach (byte b in chash)
    sb.AppendFormat("{0:X2}", b);
  // Verify against known SHA1 thumb print of the certificate
  String hash = sb.ToString();
  if (hash != "C1956DC8A7DFB2A5A56934DA09778E3A11023358")
    return false;
  return true;
}

System.Net.ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf ValidateCertificate)
Private Function ValidateCertificate(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal sslPolicyErrors As SslPolicyErrors) As Boolean
    'Return True to force the certificate to be accepted.
    Return True
End Function