Reputation: 1185
Accept self-signed TLS/SSL certificate in VB.NET
I'm searching for a way to validate (or bypass validation for) self-signed SSL certificates using VB.NET. I found code to do this in C# and tried converting it into VB code, but I'm not having any luck.
Here is the C# code: How do I use WebRequest to access an SSL encrypted site using https?
Here is what I tried:
Imports System
Imports System.Net
Imports System.Security.Cryptography.X509Certificates
Public Class clsSSL
Public Function AcceptAllCertifications(ByVal sender As Object, ByVal certification As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean
Return True
End Function
End Class
Then before the WebRequest I have this line of code which gives me an error.
ServicePointManager.ServerCertificateValidationCallback =
New System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications)
The error message is:
Delegate 'System.Net.Security.RemoteCertificateValidationCallback' requires an 'AddressOf' expression or lambda expression as the only argument to its constructor.
Upvotes: 31
Views: 71253
Answers (6)
Reputation: 1
In VB.Net
ServicePointManager.ServerCertificateValidationCallback = Function(s, c, h, e) True
Upvotes: -1
Reputation: 202282
All the answers here blindly accept any certificate. That's a security flaw.
When implementing ServicePointManager.ServerCertificateValidation callback one should validate the certificate. E.g. by checking certificate's hash against a known value:
Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
ServicePointManager.ServerCertificateValidationCallback =
Function(sender As Object, certificate As X509Certificate, chain As X509Chain,
errors As SslPolicyErrors)
Return _
(errors = SslPolicyErrors.None) Or
certificate.GetCertHashString(HashAlgorithmName.SHA256).Equals(
"EB8E0B28AE064ED58CBED9DAEB46CFEB3BD7ECA67737179E3C85BC3CD09D4EEC")
End Function
For the X509Certificate.GetCertHashString overload that takes HashAlgorithmName.SHA256, you need .NET 4.8. On older versions use the parameter-less overload that returns an SHA-1 hash.
For C# version of the code, see FtpWebRequest "The remote certificate is invalid according to the validation procedure".
Upvotes: 4
Reputation: 1825
One-liner:
System.Net.ServicePointManager.ServerCertificateValidationCallback = _
Function(se As Object, _
cert As System.Security.Cryptography.X509Certificates.X509Certificate, _
chain As System.Security.Cryptography.X509Certificates.X509Chain, _
sslerror As System.Net.Security.SslPolicyErrors) True
Credits to Robby Tendean
Upvotes: 14
Reputation: 1
In VB.Net,
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
solves the less secure apps problem.
Upvotes: 0
Reputation: 460138
I'm not sure but this should work:
ServicePointManager.ServerCertificateValidationCallback = _
New RemoteCertificateValidationCallback(AddressOf AcceptAllCertifications)
Upvotes: 2
Reputation: 887449
In VB.Net, you need to write
ServicePointManager.ServerCertificateValidationCallback = AddressOf AcceptAllCertifications
Upvotes: 36
Related Questions
- Using a self-signed certificate with .NET's HttpWebRequest/Response
- SSL Self-Signed Certificate
- Self-signed TLS certificates in Intranet
- Accept only self signed SSL-Certificate C#
- ValidateServerCertificate - ServerCertificateValidationCallback
- How to accept a self-signed SSL certificate in a WCF client?
- Adding Certificate to WebClient
- Two-way authentication using ssl in dotnet
- Trust a self-signed certificate to authenticate a server (.NET client on Windows)
- self signed certificate in windows server