With HttpClientHandler, we are able to set a server validation callback and return true (by writing it out or using DangerousAcceptAnyServerCertificateValidator). How can I ensure that I bypass this verification also when I switch my HttpClient to use SocketsHttpHandler after upgrading to .NET Core 2.2? Is this the default? I can't find much information on this topic currently, and I will be deploying to an environment where I'd like to avoid making a breaking change.
@djsoteric I had the same exact issue, solved it this way
public static HttpClient CreateHttpClient()
{
var sslOptions = new SslClientAuthenticationOptions
{
// Leave certs unvalidated for debugging
RemoteCertificateValidationCallback = delegate { return true; },
};
var handler = new SocketsHttpHandler()
{
SslOptions = sslOptions,
};
return new HttpClient(handler);
}