diff --git a/src/NzbDrone.Common/Security/IgnoreCertErrorPolicy.cs b/src/NzbDrone.Common/Security/IgnoreCertErrorPolicy.cs index 435ae0300..e46221e24 100644 --- a/src/NzbDrone.Common/Security/IgnoreCertErrorPolicy.cs +++ b/src/NzbDrone.Common/Security/IgnoreCertErrorPolicy.cs @@ -1,24 +1,45 @@ using System.Net; using System.Net.Security; using System.Security.Cryptography.X509Certificates; -using NzbDrone.Common.Extensions; +using NLog; +using NzbDrone.Common.EnvironmentInfo; +using NzbDrone.Common.Instrumentation; namespace NzbDrone.Common.Security { public static class IgnoreCertErrorPolicy { + private static Logger _logger = NzbDroneLogger.GetLogger("IgnoreCertErrorPolicy"); + public static void Register() { - ServicePointManager.ServerCertificateValidationCallback = ValidationCallback; + ServicePointManager.ServerCertificateValidationCallback = ShouldByPassValidationError; } - private static bool ValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors) + private static bool ShouldByPassValidationError(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors) { var request = sender as HttpWebRequest; - if (request != null && sslpolicyerrors != SslPolicyErrors.None && - (request.Address.OriginalString.ContainsIgnoreCase("nzbdrone.com") || request.Address.OriginalString.ContainsIgnoreCase("sonarr.tv")) - ) + if (request == null) + { + return true; + } + + if (sslpolicyerrors == SslPolicyErrors.None) + { + return true; + } + + _logger.Warn("Request for {0} failed certificated validation. {1}", request.Address, sslpolicyerrors); + + if (OsInfo.IsMono) + { + return true; + } + + var host = request.Address.Host.ToLower(); + + if (host.EndsWith("nzbdrone.com") || host.EndsWith("sonarr.tv")) { return false; }