Monday, June 07, 2010

Dealing with invalid Certificates

Well, I’ve been working on a project that sends out large amounts of emails. It’s one of those projects that works fine in development, makes it through the test environment fine then BOMBS in production. It turned out that the systems was failing due to an invalid certificate. The certificate being used by the email server had expired months ago and nobody noticed.

While the Server guys were busy getting a new certificate, I implemented a quick fix to get the application working.

The fix involves setting up a call back used for Certificate Validation, very easy. Below is a sample (just Validates any request).


After the call back is setup, it’s just a matter of ensuring it gets called.


And that’s it. Problem solved.

Obviously in the call back you’d actually check the error and only validate the certificate for the specific error you want to, but as an example, this works a treat.


No comments: