Examining server certificates using HttpWebRequest/HttpWebResponse

[Guest]

I see that it is possible to examine client certificates using HttpWebRequest class. Is there any way to see server side certificates in a similar manner - assuming a successfully authenticated HTTPS request/response? I notice there is no certificate collection in the HttpWebResponse class.

 

[Adarsh Khare [ MS ]]

Currently there is no straight forward way in HttpWebResponse.

But there is a workaround to examine server certificate, you need to
implement your ICertificatePolicy interface and set the
ServicePointManager.CertifcatePolicy, your check validation method would be
invoked with the request and corresponding X509Certificate.

adarshk

===========================

This posting is provided as-is. It provides no guarantees and confers no
rights

I see that it is possible to examine client certificates using

HttpWebRequest class. Is there any way to see server side certificates in a
similar manner - assuming a successfully authenticated HTTPS
request/response? I notice there is no certificate collection in the
HttpWebResponse class.

 

[Guest]

Thank you for your reply. I have tried what you suggest and am able to inspect the server certificate.

However, I am concerned about overriding the default certification validation behavior. Can I defer the validation to another class to get that default validation behavior after looking at the certificate?

Thanks.