revoked client certificate

Posted by Michael on Stack Overflow See other posts from Stack Overflow or by Michael
Published on 2009-10-29T18:34:56Z Indexed on 2010/05/06 2:08 UTC
Read the original article Hit count: 376

Filed under:

x509certificate

Hi guys, I have little problem. I used certificate authority in windows server 2003 and revoked client certificate. The client certificate is in revoked certificate. I try verify this client certificate on revocation in winform app in windows server 2003. Code is here :

private bool VefiryCert(X509Certificate2 cert)
{
    X509Chain chain = new X509Chain();
    chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
    chain.ChainPolicy.RevocationMode =
         X509RevocationMode.Online;
    chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 1000);
    chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags; X509VerificationFlags.AllowUnknownCertificateAuthority;
    return chain.Build(cert);
}

But this client certificate is verify as true. I am confuse, where can be problem ? How can I check revocation list, which is loaded in winform application and used on verification this client certificate?

So the problem is I verify client certificate, which is in revoked list (in certification authority) with method VefiryCert, an the certificate is verify as TRUE.

Can somebody help me ?

Related posts about x509certificate

X509Certificate.CreateFromCertFile - the specified network password is not correct

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a .NET application that I want to use as a client to call an SSL SOAP web service. I have been supplied with a valid client certificate called foo.pfx. There is a password on the certificate itself. I've located the certificate at the following location: C:\certs\foo.pfx To call the web service… >>> More
How to obtain a working X509Certificate for my WCF Service hosting

as seen on Stack Overflow - Search for 'Stack Overflow'
I am in the process of hosting my WCF services in my asp.net hosting account and I want to use X509Certificate for authentication of communication. Where do I get a certificate in this instance? Make one and then Ftp it to my account? If yes, how do I reference this certificate for use. If No, how… >>> More
Can I ensure, using C#, that an X509Certificate was issued by a trusted authority?

as seen on Stack Overflow - Search for 'Stack Overflow'
If I use X509Certificate.CreateFromSignedFile to get the certificate used to sign a file, can I confirm that it was signed by a trusted authority - and isn't just a "self-signed" cert of some kind? I want to extract the "Subject" (company) name from the cert to ensure that an unmanaged DLL I'm using… >>> More
Translate Java to Python -- signing strings with PEM certificate files

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to translate the follow Java into its Python equivalent. // certificate is contents of https://fps.sandbox.amazonaws.com/certs/090909/PKICert.pem // signature is a string that I need to verify. CertificateFactory factory = CertificateFactory.getInstance("X.509"); X509Certificate x509Certificate… >>> More
X509Certificate.Export Method

as seen on Stack Overflow - Search for 'Stack Overflow'
I try export cert .pfx : string certPath = "D:\\cert.pfx"; cert = new X509Certificate2(certPath, "pass"); byte[] certData = cert.Export(X509ContentType.Pfx,"pass"); /// **error in this line** X509Certificate newCert = new X509Certificate(certData,"pass"); But it finish with this error : Key… >>> More

Developer IT