6
如何在使用s SqlConnection
时锁定证书?从SqlConnection Connection String Parameter Keywords & Values,我知道我可以设置Encrypted
到true
强制(鼓励?)使用SSL/TLS。.Net SqlConnection,服务器身份验证和证书锁定
但是,为了获得证书,我相信我们需要使用 ServicePointManager
(以下示例代码由ArneVajhøj提供,用于HTTP/HTTPS)。我不清楚如何将PinCertificate
(从ServicePointManager
)连线到SqlConnection
。
更新:与microsoft.public.dotnet.languages.csharp上的ArneVajhøj交谈,似乎无法对连接进行所需的控制。 Vajhøj提供了链接Encrypting Connections to SQL Server。
public static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = PinCertificate;
WebRequest wr = WebRequest.Create("https://www.google.com/");
wr.GetResponse();
}
public static bool PinCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
byte[] chash = certificate.GetCertHash();
StringBuilder sb = new StringBuilder(chash.Length * 2);
foreach (byte b in chash)
sb.AppendFormat("{0:X2}", b);
// Verify against known SHA1 thumb print of the certificate
String hash = sb.ToString();
if (hash != "C1956DC8A7DFB2A5A56934DA09778E3A11023358")
return false;
return true;
}
在VB.NET证书验证的例子:http://social.msdn.microsoft.com/forums/en-US/netfxnetcom/thread/ 5f5af31c-74f2-4147-8b70-e9e8ec03c76a。应该很容易转换。 – 2012-01-01 06:21:59
MSDN示例使用“ServicePointManager”和“ServerCertificateValidationCallback”(调用“MyCertValidationCb”)。它与我发布的样本没有什么不同。我仍然不清楚如何将'ServerCertificateValidationCallback'连接到'SqlConnection'。 – jww 2012-01-01 06:53:00
http://support.microsoft.com/default.aspx?scid=276553对此有帮助吗? – King 2012-01-06 23:00:42