[jira] [Resolved] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors

Wed, 05 Jun 2013 03:01:33 -0700 

     [ 
https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dominik Psenner resolved LOG4NET-315.
-------------------------------------

    Resolution: Won't Fix

That's not so easy. The ServicePointmanager.ServerCertificateValidationCallback 
is defined as:

public delegate bool RemoteCertificateValidationCallback(object sender, 
X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors);

So there is no real way to identify the mail server from the certificate 
without doing some dark magic. It would actually require user interaction and 
since user interaction is not feasible for a logging application I agree with 
Jim Scott that this issue should be addressed with a workaround in the 
application configuration.
                
> SmtpAppender - Add support for ignoring certificate errors
> ----------------------------------------------------------
>
>                 Key: LOG4NET-315
>                 URL: https://issues.apache.org/jira/browse/LOG4NET-315
>             Project: Log4net
>          Issue Type: Improvement
>          Components: Appenders
>    Affects Versions: 1.2.11
>            Reporter: Jim Scott
>            Priority: Minor
>             Fix For: 1.2.12
>
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> As of 1.2.11 the SmtpAppender now has support for enabling smtp connections 
> to use SSL. It is pretty common to have an SMTP server that is using a 
> Self-Signed certificate which will fail the certificate validation. While you 
> can override the certificate error on an application level to overcome this 
> you might want to limit the ignoring of the certificate error just to the 
> appender.
> Proposed Changes
> Add property that allows one to indicate they wish to ignore certificate 
> failures.
> DisableCertificateValidation
> Add a line like this to SendBuffer method
> ServicePointManager.ServerCertificateValidationCallback += new 
> RemoteCertificateValidationCallback(ValidateRemoteCertificate);
> Then create a call back method like so
> private bool ValidateRemoteCertificate(object sender, 
>                       X509Certificate certificate, 
>                       X509Chain chain, 
>                       SslPolicyErrors policyErrors)
> {
>       if(DisableCertificateValidation) return true;
>       
>       return policyErrors == null;
> }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to