哎呀,没有答案......所以我会回答我自己的问题,它可能对其他人有帮助。
这是我的步骤,不确定是否需要每个人,但这是我最终做的。
1) 已安装 FileZilla 服务器
- 用它来创建自己的自签名证书
- 菜单:设置 | SSL/TSL 设置 |生成新证书
- 输入适当的值
- 确保公用名 = 服务器地址正确。
- 这会在 .crt 中生成带有私钥的证书
扩展名/格式
2) 因为我在 Windows 上,我发现我无法在证书存储中安装这个证书,所以我需要先转换它的额外步骤
3) 启动 windows MMC 管理单元控制台
- 将证书安装到计算机帐户,受信任的根
证书颁发机构商店
4) 在我的代码中(在 FTPS 库中,在本例中为 Alex FTPS
我的连接如下所示:
var credential = new NetworkCredential(username, password);
string message = _client.Connect(hostname, port, credential,
ESSLSupportMode.Implicit,
null, // new RemoteCertificateValidationCallback(ValidateTestServerCertificate),
null, 0, 0, 0, null);
.net/Windows 基础设施管道已经为我处理了所有验证
5) 但是如果您想要自定义验证,或者您不想在 Windows 商店中安装证书,您可以在此处使用此示例代码:
http://msdn.microsoft.com/en-us/library/office/dd633677%28v=exchg.80%29.aspx
private static bool ValidateTestServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
// If the certificate is a valid, signed certificate, return true.
if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
{
return true;
}
// If there are errors in the certificate chain, look at each error to determine the cause.
if ((sslPolicyErrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0)
{
if (chain != null && chain.ChainStatus != null)
{
foreach (System.Security.Cryptography.X509Certificates.X509ChainStatus status in chain.ChainStatus)
{
if ((certificate.Subject == certificate.Issuer) &&
(status.Status == System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot))
{
// Self-signed certificates with an untrusted root are valid.
continue;
}
else
{
if (status.Status != System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError)
{
// If there are any other errors in the certificate chain, the certificate is invalid,
// so the method returns false.
return false;
}
}
}
}
// When processing reaches this line, the only errors in the certificate chain are
// untrusted root errors for self-signed certificates. These certificates are valid
// for default Exchange server installations, so return true.
return true;
}
else
{
// In all other cases, return false.
return false;
}
}
希望对人们有所帮助。