Search code examples
c#-4.0ssl-certificatecefsharp

How to bypass SSL error CefSharp WinForms

I'm using CefSharp.WinForms to develop an application. When any SSL certificate error occurs, it won't display the web page.

How can I bypass SSL certificate error and display the web page?

Solution

  • Option 1 (Preferred)

    Implement IRequestHandler.OnCertificateError - this method will be called for every invalid certificate. If you only wish to override a few methods of IRequestHandler then you can inherit from RequestHandler and override the methods you are interested in specifically, in this case OnCertificateError

    //Make sure you assign your RequestHandler instance to the `ChromiumWebBrowser`
browser.RequestHandler = new ExampleRequestHandler();

public class ExampleRequestHandler : RequestHandler
{
    protected override bool OnCertificateError(IWebBrowser chromiumWebBrowser, IBrowser browser, CefErrorCode errorCode, string requestUrl, ISslInfo sslInfo, IRequestCallback callback)
    {
        //NOTE: We also suggest you wrap callback in a using statement or explicitly execute callback.Dispose as callback wraps an unmanaged resource.

        //Example #1
        //Return true and call IRequestCallback.Continue() at a later time to continue or cancel the request.
        //In this instance we'll use a Task, typically you'd invoke a call to the UI Thread and display a Dialog to the user
        Task.Run(() =>
        {
            //NOTE: When executing the callback in an async fashion need to check to see if it's disposed
            if (!callback.IsDisposed)
            {
                using (callback)
                {
                    //We'll allow the expired certificate from badssl.com
                    if (requestUrl.ToLower().Contains("https://expired.badssl.com/"))
                    {
                        callback.Continue(true);
                    }
                    else
                    {
                        callback.Continue(false);
                    }
                }
            }
        });

        return true;

        //Example #2
        //Execute the callback and return true to immediately allow the invalid certificate
        //callback.Continue(true); //Callback will Dispose it's self once exeucted
        //return true;

        //Example #3
        //Return false for the default behaviour (cancel request immediately)
        //callback.Dispose(); //Dispose of callback
        //return false;
    }
}

    Option 2

    Set ignore-certificate-errors command line arg

    var settings = new CefSettings();
settings.CefCommandLineArgs.Add("ignore-certificate-errors");

Cef.Initialize(settings);