Untitled
unknown
plain_text
22 days ago
1.5 kB
1
Indexable
using Grpc.Net.Client;
using System;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;
public class GrpcClientExample
{
public static void Main(string[] args)
{
// Create an HttpClientHandler with CN and SAN verification
var handler = new HttpClientHandler();
handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) =>
{
// Expected CN and SANs (adjust accordingly)
string expectedCN = "your-expected-cn";
string[] expectedSANs = { "your-expected-hostname1", "your-expected-hostname2" };
// Check CN
if (!cert.GetName().Contains(expectedCN))
{
Console.WriteLine($"CN mismatch: Expected '{expectedCN}', found '{cert.GetName()}'");
return false;
}
// Check SANs
var hasMatchingSAN = false;
foreach (var san in cert.GetSubjectAlternativeNames())
{
if (san.Item1 == 2 && expectedSANs.Contains(san.Item2))
{
hasMatchingSAN = true;
break;
}
}
if (!hasMatchingSAN)
{
Console.WriteLine($"No matching SAN found in certificate.");
return false;
}
// If all checks pass, allow the connection
return true;
};
// ... (rest of the code remains the same)
}
}
Leave a Comment