X509Certificate2 validation on web service

前端未结

关注

 1  1825

刺人心 2021-01-15 08:48

I\'m developing WCF web service that checks if a certificate in XML signature is valid. XML is signed with qualified and valid X509 certificate. While I am running service w

1条回答

无人共我 (楼主)

2021-01-15 09:15

Where is the root certificate located? I think ASP.NET will use the local machine store -- perhaps VS development server uses the user store and is finding the root certificate there but ASP.NET is not finding it? Try adding the root certificate to the local machine store.

You can check the statuses in the X509Chain to get more details:

foreach (X509ChainElement element in chain.ChainElements)
{
    Console.WriteLine ("Element issuer name: {0}", element.Certificate.Issuer);
    Console.WriteLine ("Element certificate valid until: {0}", element.Certificate.NotAfter);
    Console.WriteLine ("Element certificate is valid: {0}", element.Certificate.Verify ());
    Console.WriteLine ("Element error status length: {0}", element.ChainElementStatus.Length);
    Console.WriteLine ("Element information: {0}", element.Information);
    Console.WriteLine ("Number of element extensions: {0}{1}", element.Certificate.Extensions.Count, Environment.NewLine);

    if (ch.ChainStatus.Length > 1)
    {
        for (int index = 0; index < element.ChainElementStatus.Length; index++)
        {
            Console.WriteLine (element.ChainElementStatus[index].Status);
            Console.WriteLine (element.ChainElementStatus[index].StatusInformation);
        }
    }
}

0 讨论(0)