Add hook to perform custom server certificate validation #1074

Open
philchuang opened this issue Mar 21, 2019 · 1 comment

@philchuang

I'm getting the exception "The remote certificate is invalid according to the validation procedure." which is thrown from MetadataLoader.cs:93.

Our Azure App Service is trying to access a site over HTTPS which does not use the standard root certs, so when the WebClient.Open call is made, it tries to validate the server's certificates and then throws an exception.

Unfortunately, there is no way to add root certificates to Azure App Services; you can only add certs to CurrentUser/My.

In .NET Framework, you can implement your own custom server certificate method by adding a delegate to ServicePointManager.ServerCertificateValidationCallback, which globally handles all client requests.

But in .NET Core, you can't do this globally; you have to supply a delegate to HttpClientHandler.ServerCertificateCustomValidationCallback.

So this request is for:

  1. Change MetadataLoader to use HttpClient (HttpMessageHandler) instead of WebClient()
  2. Add in a hook so that the implementing code can modify the HttpClientHandler before HttpClient.GetAsync()
@AndersAbel
Member

Thanks for pointing out the changes in .NET Core. The entire MetadataLoader is up for a redesign, so I'll keep this in mind when doing that.
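
One way to write the validation delegate that the hook requested in this issue would plug in, as an added example (not code from the project or from either participant): rather than accepting any certificate, it rebuilds the server's chain against a single private root and still rejects host name mismatches. It assumes .NET 5 or later (for `X509ChainTrustMode.CustomRootTrust`) and a private CA that publishes no revocation data; `PrivateRootHttp`, `Create` and `Validate` are hypothetical names.

```csharp
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class PrivateRootHttp
{
    // Returns an HttpClient whose handler trusts server certificates only when
    // they chain to privateRoot. The caller loads privateRoot itself, for
    // example from a .cer file shipped with the application.
    public static HttpClient Create(X509Certificate2 privateRoot)
    {
        var handler = new HttpClientHandler
        {
            ServerCertificateCustomValidationCallback =
                (request, cert, chain, errors) => Validate(privateRoot, cert, chain, errors)
        };
        return new HttpClient(handler);
    }

    public static bool Validate(X509Certificate2 privateRoot, X509Certificate2 serverCert,
                                X509Chain presented, SslPolicyErrors errors)
    {
        if (serverCert == null) return false;

        // Only an untrusted chain is re-evaluated below. A host name mismatch
        // or a missing certificate is rejected outright.
        if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != 0) return false;

        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(privateRoot);

        // Assumption: the private CA has no CRL or OCSP endpoint, so revocation
        // checking is turned off. Keep it on if your CA publishes one.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;

        // Offer any intermediates the server sent as building material.
        // They are not trusted by themselves; only privateRoot is a trust anchor.
        if (presented != null)
            foreach (X509ChainElement element in presented.ChainElements)
                chain.ChainPolicy.ExtraStore.Add(element.Certificate);

        // Build succeeds only if the chain is valid (dates, signatures, usage)
        // and terminates at privateRoot.
        return chain.Build(serverCert);
    }
}
```

A callback that simply returns `true` would also silence the exception, but it disables server authentication for every request made through that handler.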
