Skip to content
This repository has been archived by the owner on Feb 14, 2022. It is now read-only.

Untrusted or expired SSL certificates

Jump to bottom
DecaTec edited this page Apr 10, 2016 · 5 revisions

The Portable WebDAV Library can be used with WebDAV servers using a SSL certificate (HTTPS). However, an exception will be thrown if these certificates are untrusted or expired. This is a common scenario when using so called self signed certificates.

It is up to the application/app using the Portable WebDAV Library to handle these certificate errors.

See these two examples (for the UWP and NetFx parts of the library) when untrusted/expired certificates are used:

DecaTec.WebDav.Uwp:

// The base URL (HTTPS) of the WebDAV server.
var webDavServerUrl = "https://www.myserver.com/webdav/";

// Specify the user credentials and pass it to a HttpBaseProtocolFilter.
var credentials = new PasswordCredential(webDavServerUrl, "MyUsername", "MyPassword");
var httpBaseProtocolFilter = new HttpBaseProtocolFilter();
httpBaseProtocolFilter.ServerCredential = credentials;

// Specify the certificate errors which should be ignored.
// It is recommended to only ignore expired or untrusted certificate errors.
// When an invalid certificate is used by the WebDAV server and these errors are not ignored, an exception will be thrown when trying to access WebDAV resources.
httpBaseProtocolFilter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Expired);
httpBaseProtocolFilter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted);

// Create a WebDavSession with the HttpBaseProtocolFilter.
var webDavSession = new WebDavSession(webDavServerUrl, httpBaseProtocolFilter);

var items = await webDavSession.ListAsync(@"MyFolder/");

foreach (var item in items)
{
		// Handle the response (list of WebDavSessionListItems).
}

webDavSession.Dispose();

DecaTec.WebDav.NetFx:

// Use the ServicePointManager.ServerCertificateValidationCallback to ignore certificate errors.
// This call should be done before trying to access any WebDAV resources, otherwise an exception will be thrown.
ServicePointManager.ServerCertificateValidationCallback += (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) =>
{
	// Specify which certificate errors should be ignored.
	if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateNotAvailable)
		return true;
	else
		return false;
};

// The base URL (HTTPS) of the WebDAV server.
var webDavServerUrl = "https://www.myserver.com/webdav/";

// Specify the user credentials.
var credentials = new NetworkCredential("MyUserName", "MyPassword");

// Create a WebDavSession.
var webDavSession = new WebDavSession(webDavServerUrl, credentials);

var items = await webDavSession.ListAsync(@"MyFolder/");

foreach (var item in items)
{
	// Handle the response (list of WebDavSessionListItems).
}

webDavSession.Dispose();
Clone this wiki locally