Can I ensure, using C#, that an X509Certificate was issued by a trusted authority?
Posted
by dommer
on Stack Overflow
See other posts from Stack Overflow
or by dommer
Published on 2010-05-18T11:03:41Z
Indexed on
2010/05/18
12:10 UTC
Read the original article
Hit count: 712
x509certificate
|c#
If I use X509Certificate.CreateFromSignedFile to get the certificate used to sign a file, can I confirm that it was signed by a trusted authority - and isn't just a "self-signed" cert of some kind?
I want to extract the "Subject" (company) name from the cert to ensure that an unmanaged DLL I'm using is unmolested (I can't checksum it as it's updated frequently and independently) and official.
However, I'm concerned that a fake DLL could be signed with a "self-signed" cert and return the original company's name. So, I want to ensure the the cert was issued by Versign, Thwate or similar (anything installed on the cert repository on the machine will be fine).
How can I do this, if at all, when using X509Certificate.CreateFromSignedFile? Or does it do this automatically (i.e. a "self-signed" cert will fail)?
© Stack Overflow or respective owner