Validating X509 certificates for EWS Managed API

[rrjwilson]

Using the example set out in the MSDN for EWS API I have been trying to validate the server certificate but getting errors.

Operator '<>' is not definted for types 'System.Cryptogrpahy.X509Certificates.X509Chain' and 'Microsoft.VisualBasic.VariantType'.
Operator '<>' is not definted for types '1-dimesnional arrary of System.Security.Cryptography.X509Certificates.X509ChainStatus' and 'Microsoft.VisualBasic.VariantType'.

I understand the errors but I have no idea how to fix the problems because I cannot make a cast orfind anything helpful in the MSDN.. Can anyone help?

Private Function CertificateValidationCallBack(ByVal sender As Object, _
                             ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, _
                             ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, _
                             ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean

            Dim status As System.Security.Cryptography.X509Certificates.X509ChainStatus

            '' If the certificate is a valid, signed certificate, return true.
            If sslPolicyErrors = Security.SslPolicyErrors.None Then
                Return True
            End If
            '' If there are errors in the certificate chain, look at each error to determine the cause.
            If (sslPolicyErrors & sslPolicyErrors.RemoteCertificateChainErrors) Then
                If (chain <> vbNull) & (chain.ChainStatus <> vbNull) Then
                    For Each status In chain.ChainStatus
                        If (certificate.Subject = certificate.Issuer) & (status.Status = System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot) Then
                            '' Self-signed certificates with an untrusted root are valid.
                            Continue For
                        Else
                            If status.Status <> System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError Then
                                '' If there are any other errors in the certificate chain, the certificate is invalid, so the method returns false.
                                Return False
                            End If
                        End If
                    Next
                End If
                '' When processing reaches this line, the only errors in the certificate chain are untrusted root errors for self-signed certificates.
                '' These certificates are valid for default Exchange server installations, so return true.
                Return True
            Else
                '' In all other cases, return false.
                Return False
            End If
        End Function

 

[JohnH]

How to: Test Whether Two Objects Are the Same (Visual Basic)
Nothing (Visual Basic)

 

[rrjwilson]

If (chain <> vbNull) & (chain.ChainStatus <> vbNull) Then

should be

If (chain IsNot Nothing) & (chain.ChainStatus IsNot Nothing) Then

Thank you for helping my muppetry

 

[JohnH]

No, & is the string concatenation operator. That code would produce two Boolean values, convert them to strings, and add them together, for example the string "TrueFalse". If expression would then attempt to convert that string to a Boolean value and evaluate to True or False value. Correct expression is to use a logical operator, and since second expression depends on first not evaluating to False you should use the AndAlso short-circuit operator. AndAlso Operator (Visual Basic)
Option Strict would have warned you about this:

Option Strict On disallows implicit conversions from 'String' to 'Boolean'.

I recommend you turn on Option Strict.

 

[rrjwilson]

So the && C operator of the example should be AndAlso. Thank you

 

[JohnH]

You could for example use this example: Validating X509 certificates
and run it through this code translator: CodeTranslator: Code Translation From VB.NET <-> C#