获取SSL证书信息- .net
本文关键字:net 信息 证书 SSL 获取 | 更新日期: 2023-09-27 18:03:21
我希望从任何给定的域名SSL证书获得数据。例如,我想输入任何网站地址。"http://stackoverflow.com",我的代码将首先检查SSL证书是否存在。如果是这样的话,我想让它把证书的到期日拉出来。[i am reading Domainnames from DB]示例:http://www.digicert.com/help/
我需要创建一个web服务来检查到期日期。我该如何实现它??-我查了很多不同的东西,比如RequestCertificateValidationCallback和ClientCertificates等。因为我是新手,我不知道该做些什么。
我可能是完全错误的(因此为什么我需要帮助),但我会创建一个HTTPWebRequest,然后以某种方式请求客户端证书和特定的元素吗?
我尝试了提供的示例@SSL证书预取。net,但我被禁止403错误。
任何帮助都将非常感激-谢谢。
这是我写的抛出403 forbidden错误的代码。
Uri u = new Uri("http://services.efi.com/");
ServicePoint sp = ServicePointManager.FindServicePoint(u);
string groupName = Guid.NewGuid().ToString();
HttpWebRequest req = HttpWebRequest.Create(u) as HttpWebRequest;
req.Accept = "*/*";
req.ConnectionGroupName = groupName;
using (WebResponse resp = req.GetResponse())
{
// Ignore response, and close the response.
}
sp.CloseConnectionGroup(groupName);
// Implement favourite null check pattern here on sp.Certificate
string expiryDate = sp.Certificate.GetExpirationDateString();
string str = expiryDate;
运行正常:
namespace ConsoleApplication1
{
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
class Program
{
static void Main()
{
ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback;
var request = WebRequest.Create("https://www.google.com");
var response = request.GetResponse();
Console.WriteLine("Done.");
Console.ReadLine();
}
private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
Console.WriteLine("Certificate expires on " + certificate.GetExpirationDateString());
return true;
}
}
}
您将获得"403 forbidden"状态,因为这是服务器在您访问该页面时返回的内容。当我使用IE浏览到那个Uri时,我看到了同样的事情。此状态表明您没有访问该Url的权限,因此也许您应该在您有权访问的页面上尝试您的代码。
此外,您不太可能在http连接上看到证书-您可能想要尝试https。
如果需要下载证书:
//Do webrequest to get info on secure site
var certName = "FileName";
var url = "https://mail.google.com";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
response.Close();
//retrieve the ssl cert and assign it to an X509Certificate object
X509Certificate cert = request.ServicePoint.Certificate;
//convert the X509Certificate to an X509Certificate2 object by passing it into the constructor
X509Certificate2 cert2 = new X509Certificate2(cert);
string cn = cert2.GetIssuerName();
string cedate = cert2.GetExpirationDateString();
string cpub = cert2.GetPublicKeyString();
var path = Directory.GetCurrentDirectory() + string.Concat("''", certName, ".der");
byte[] certData = cert2.Export(X509ContentType.Cert);
File.WriteAllBytes(path, certData);
Console.WriteLine("cert2.GetIssuerName :{0}", cert2.GetIssuerName());
Console.WriteLine("cert2.GetExpirationDateString :{0}", cert2.GetExpirationDateString());
Console.WriteLine("cert2.GetPublicKeyString :{0}", cert2.GetPublicKeyString());
.cs示例文件:https://gist.github.com/thedom85/6db200104c075310527aaef63b172253
我也推荐这个网站:https://www.simple-talk.com/dotnet/.net-framework/tlsssl-and-.net-framework-4.0/