How to bypass SSL error CefSharp WinForms

Ashish Rathore picture Ashish Rathore · Feb 22, 2016 · Viewed 9.5k times · Source

I'm using CefSharp.WinForms to develop an application. When any SSL certificate error occurs, it won't display the web page.

How can I bypass SSL certificate error and display the web page?

Answer

amaitland picture amaitland · Feb 22, 2016

Option 1 (Preferred)

Implement IRequestHandler.OnCertificateError - this method will be called for every invalid certificate. If you only wish to override a few methods of IRequestHandler then you can inherit from RequestHandler and override the methods you are interested in specifically, in this case OnCertificateError

//Make sure you assign your RequestHandler instance to the `ChromiumWebBrowser`
browser.RequestHandler = new ExampleRequestHandler();

public class ExampleRequestHandler : RequestHandler
{
    protected override bool OnCertificateError(IWebBrowser chromiumWebBrowser, IBrowser browser, CefErrorCode errorCode, string requestUrl, ISslInfo sslInfo, IRequestCallback callback)
    {
        //NOTE: We also suggest you wrap callback in a using statement or explicitly execute callback.Dispose as callback wraps an unmanaged resource.

        //Example #1
        //Return true and call IRequestCallback.Continue() at a later time to continue or cancel the request.
        //In this instance we'll use a Task, typically you'd invoke a call to the UI Thread and display a Dialog to the user
        Task.Run(() =>
        {
            //NOTE: When executing the callback in an async fashion need to check to see if it's disposed
            if (!callback.IsDisposed)
            {
                using (callback)
                {
                    //We'll allow the expired certificate from badssl.com
                    if (requestUrl.ToLower().Contains("https://expired.badssl.com/"))
                    {
                        callback.Continue(true);
                    }
                    else
                    {
                        callback.Continue(false);
                    }
                }
            }
        });

        return true;

        //Example #2
        //Execute the callback and return true to immediately allow the invalid certificate
        //callback.Continue(true); //Callback will Dispose it's self once exeucted
        //return true;

        //Example #3
        //Return false for the default behaviour (cancel request immediately)
        //callback.Dispose(); //Dispose of callback
        //return false;
    }
}

Option 2

Set CefSettings.IgnoreCertificateErrors

var settings = new CefSettings()
{
    IgnoreCertificateErrors = true
};

Cef.Initialize(settings);