Skipping certificate validation altogether

[dkekesi]

I have an application that sits behind a firewall with no internet access. When I connect to an IMAPS server that has a certificate issued by VeriSign, MailKit will go and try to retrieve certificate revocation information (CRL or OCSP), but it will obviously fail.
I use this method to ignore certificate errors:

client.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return true; };

While this will indeed prevent exceptions caused by lack of CRL/OCSP access, there's a major issue with the approach. This callback only processes the results of certificate validation, thus making me wait for the timeout while the server tries to retrieve revocation data. It is around 1 minute by default, which is a real pain to wait at every connection attempt.

Is there a way to tell MailKit to skip certificate validation altogether, without even trying to do anything (especially going online)?

[jstedfast]

Is there a way to tell SslStream to skip validation? I haven't seen one. So.... no.

[jstedfast]

Found a way.

[dkekesi]

Wow, that was fast. Thanks a million. This is EXACTLY why MailKit/MimeKit is the best. Period.

[dkekesi]

Do you plan to make a new release that contains this feature in the near future? Thanks.

[jstedfast]

Yes. I'm hoping to make a release this weekend but I'm waiting on some feedback on some patches for NTLM fixes.