Method UseRemoteServerCertificateValidationCallback
UseRemoteServerCertificateValidationCallback(IArcGISHttpConfiguration, RemoteCertificateValidationCallback)
Sets the delegate that validates the server certificate during SSL/TLS handshake.
Declaration
public static IArcGISHttpConfiguration UseRemoteServerCertificateValidationCallback(this IArcGISHttpConfiguration configuration, RemoteCertificateValidationCallback callback)
Parameters
Type | Name | Description |
---|---|---|
IArcGISHttpConfiguration | configuration | HTTP Configuration |
System.Net.Security.RemoteCertificateValidationCallback | callback | The callback to use. |
Returns
Type | Description |
---|---|
IArcGISHttpConfiguration | HTTP Configuration |
Remarks
This callback can examine all SSL connections made by the Maps SDK and by ArcGISHttpMessageHandler
to service HTTPS requests. When null
,
server certificates are validated by the operating system using default policies and known certificate authorities.
A custom validator can be used to override the default behavior and accept or reject server certificates based on custom criteria,
such as:
- Accept server credentials that would otherwise be rejected by the system. For example, your app needs to make an HTTPS connection to a development server or through a proxy with a self-signed certificate. Refer to the Ignore specific validation errors section in the .NET Security Best Practices guide for a sample implementation.
- Reject credentials that would otherwise be accepted by the system. For example, your app needs to "pin" a set of specific keys or certificates under your control, rather than accept any valid credential. Refer to the Certificate pinning section in the .NET Security Best Practices guide for a sample implementation.
You can obtain the remote hostname from the "sender" parameter. Depending on context, the "sender" may be
either System.Net.Http.HttpRequestMessage
or System.Net.Security.SslStream
.
When the sslPolicyErrors
parameter is certificateChain
parameter.
Return true
from the callback to accept the server certificate, or false
to reject it.
The returned value is not cached and the callback is invoked each time a new connection is made.
The callback should be able to handle repeated calls for the same server, including parallel calls from multiple threads.
When targeting .NET 8+, secure WebSocket connections from ArcGISStreamService will use this callback.
When targeting .NET Framework, WebSocket connections go through System.Net.ServicePointManager.ServerCertificateValidationCallback
instead.
When targeting UWP, there is no way to customize certificate validation for WebSockets.
See Also
Applies to
Platforms and versions
Target | Versions |
---|---|
.NET Standard 2.0 | 200.6 |
.NET | 200.6 |
.NET Windows | 200.6 |
.NET Android | 200.6 |
.NET iOS | 200.6 |
.NET Framework | 200.6 |
UWP | 200.6 |